To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Oké, vettem!
Artwork

CISSP Cyber Security Cybersecurity Cyber Training Cybersecurity Consultant Shon Gerber Cissp Course Cissp Boot Camp Cissp Exam Cissp Practice Exam Cissp Practice Test Higher Education Podcasting Education CISSP Training
A tartalmat a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Hasonló a(z) CISSP Cyber Training Podcast - CISSP Training Program sorozathoz

Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!
Get it on App Store Get it on Google Play

CISSP Cyber Training Podcast - CISSP Training Program « »
CCT 253: Practice CISSP Questions - Conduct logging and monitoring activities (Domain 7.2)

24:26
 
Lejátszás
Lejátszás
Megosztás
 

MP3Epizód kép
Manage episode 488315932 series 3464644
A tartalmat a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Send us a text

Check us out at: https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv

Security professionals face a constant battle to keep up with evolving threats, and our latest CISSP Question Thursday podcast delivers critical insights into one of the most fundamental cybersecurity capabilities: effective logging and monitoring.
The episode begins with a warning about a sophisticated attack campaign targeting recruiters. The hacker group FIN6 (Skeleton Spiders) has been creating fake candidate profiles with malware-laced resume attachments, tricking HR professionals into downloading zip files containing the "More Eggs" JavaScript backdoor. This social engineering tactic exploits normal recruiting workflows to steal credentials and gain network access. We discuss why security teams must partner with recruitment departments to develop specialized awareness training and technical controls to address this growing threat.
Diving into CISSP Domain 7.2, we explore fifteen practical questions about logging and monitoring implementations. We cover critical distinctions between detection and prevention technologies, explaining why deep packet inspection is essential for identifying encrypted command and control communications over HTTPS. We examine why log integrity and non-repudiation are paramount when logs may serve as legal evidence, and why HR data provides crucial context for User and Entity Behavior Analytics (UEBA) systems trying to identify insider threats.
For those implementing Network Intrusion Prevention Systems, we emphasize the importance of deployment in detection-only mode for extended tuning periods before enabling blocking capabilities. We examine why mean time to respond (MTTR) to critical incidents provides the most holistic metric for evaluating security operations effectiveness, and why automated ingestion of threat intelligence feeds delivers the most value for continuous monitoring objectives.
This episode balances technical depth with practical implementation guidance, making it valuable for both CISSP candidates preparing for the exam and practicing security professionals looking to strengthen their monitoring capabilities. Visit CISSP Cyber Training for access to all our training materials and sign up for 360 free practice questions to accelerate your certification journey.

Support the show

Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  continue reading

Fejezetek

1. Welcome to CISSP Cyber Training (00:00:00)

2. Hackers Targeting Recruiters with Fake Resumes (00:01:27)

3. Thursday's CISSP Questions on Logging (00:04:44)

4. Advanced Threat Detection Questions (00:09:30)

5. Log Management and Compliance Questions (00:14:55)

6. Threat Intelligence Implementation Questions (00:19:45)

7. Closing and CISSP Training Resources (00:22:46)

289 epizódok

#CISSP #Cyber Security #Cybersecurity #Cyber Training #Cybersecurity Consultant #Shon Gerber #Cissp Course #Cissp Boot Camp #Cissp Exam #Cissp Practice Exam #Cissp Practice Test #Higher Education #Podcasting Education #CISSP Training
Artwork

CCT 253: Practice CISSP Questions - Conduct logging and monitoring activities (Domain 7.2)

CISSP Cyber Training Podcast - CISSP Training Program

48 subscribers

published

Lejátszás Lejátszás
iconMegosztás
 
MP3Epizód kép
Manage episode 488315932 series 3464644
A tartalmat a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Send us a text

Check us out at: https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv

Security professionals face a constant battle to keep up with evolving threats, and our latest CISSP Question Thursday podcast delivers critical insights into one of the most fundamental cybersecurity capabilities: effective logging and monitoring.
The episode begins with a warning about a sophisticated attack campaign targeting recruiters. The hacker group FIN6 (Skeleton Spiders) has been creating fake candidate profiles with malware-laced resume attachments, tricking HR professionals into downloading zip files containing the "More Eggs" JavaScript backdoor. This social engineering tactic exploits normal recruiting workflows to steal credentials and gain network access. We discuss why security teams must partner with recruitment departments to develop specialized awareness training and technical controls to address this growing threat.
Diving into CISSP Domain 7.2, we explore fifteen practical questions about logging and monitoring implementations. We cover critical distinctions between detection and prevention technologies, explaining why deep packet inspection is essential for identifying encrypted command and control communications over HTTPS. We examine why log integrity and non-repudiation are paramount when logs may serve as legal evidence, and why HR data provides crucial context for User and Entity Behavior Analytics (UEBA) systems trying to identify insider threats.
For those implementing Network Intrusion Prevention Systems, we emphasize the importance of deployment in detection-only mode for extended tuning periods before enabling blocking capabilities. We examine why mean time to respond (MTTR) to critical incidents provides the most holistic metric for evaluating security operations effectiveness, and why automated ingestion of threat intelligence feeds delivers the most value for continuous monitoring objectives.
This episode balances technical depth with practical implementation guidance, making it valuable for both CISSP candidates preparing for the exam and practicing security professionals looking to strengthen their monitoring capabilities. Visit CISSP Cyber Training for access to all our training materials and sign up for 360 free practice questions to accelerate your certification journey.

Support the show

Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

  continue reading

Fejezetek

1. Welcome to CISSP Cyber Training (00:00:00)

2. Hackers Targeting Recruiters with Fake Resumes (00:01:27)

3. Thursday's CISSP Questions on Logging (00:04:44)

4. Advanced Threat Detection Questions (00:09:30)

5. Log Management and Compliance Questions (00:14:55)

6. Threat Intelligence Implementation Questions (00:19:45)

7. Closing and CISSP Training Resources (00:22:46)

289 epizódok

#CISSP #Cyber Security #Cybersecurity #Cyber Training #Cybersecurity Consultant #Shon Gerber #Cissp Course #Cissp Boot Camp #Cissp Exam #Cissp Practice Exam #Cissp Practice Test #Higher Education #Podcasting Education #CISSP Training

Όλα τα επεισόδια

×
 
Loading …

Üdvözlünk a Player FM-nél!

A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.

 

Hasonló a(z) CISSP Cyber Training Podcast - CISSP Training Program sorozathoz

Hallgasson 500+ témát
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!
Get it on App Store Get it on Google Play

Gyors referencia kézikönyv

Legjobb podcastok
Sport TV podcast
Arena4
Eurosport podcast
Biznisz Boyz: A magyar vállalkozói podcast show
Balázsék
GOMBAPRESSZÓ
Filmbarátok Podcast
Popkult, csajok, satöbbi » podcasts
Hold After Hours
20 perccel a jövőbe
Aréna - InfoRádió - Infostart.hu
HVG podcastok
Irodai Huszárok
A tudás (és a) hatalom [Tilos Rádió podcast]
MTA Podcast
Felforgatók
Egyszer lent
Tangó és Kes - 24.hu
Player FM logo
Súgó/GYIK | Upgrade | Hirdet
Arts|Üzleti|Komédia|Gazdaság|Szórakozás|News|Politika|Vallás
Tudomány|Futball|Sportok|Történetmesélés|Teknológia|Valódi bűnügyek
Szerzői jog 2025 | Adatvédelmi nyilatkozat | Szolgáltatás feltételei | | szerzői jog
Episode being played series thumbnail
icon icon
Sebesség
A sorozat beállításai
1x
1x
Volume
100%
icon
icon icon
/

Az Player FM megtekintése itt: ...
Player FM
Browser
Chrome
Safari
Firefox
Hallgassa ezt a műsort, miközben felfedezi
Lejátszás