In this section, you will learn to define the stages of analysis. For each stage, you will learn to identify the elements that should be referenced and the organizational stakeholders who are involved in, and subject to, the plan. This understanding of NIST.SP 800-61 Revision 2 links specifically to topics 3.2 and 3.3 of the 210-255 syllabus.
Implementing Cisco Cybersecurity Operations (210-255) Topic List:
3.2 Map elements to these steps of analysis based on the NIST.SP 800-61 Revision 2
3.2.a Preparation
3.2.b Detection and analysis
3.2.c Containment, eradication, and recovery
3.2.d Post-incident analysis (lessons learned)
3.3 Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP 800-61 Revision 2)
3.3.a Preparation
3.3.b Detection and analysis
3.3.c Containment, eradication, and recovery
3.3.d Post-incident analysis (lessons...