Protecting the Organization
This chapter covers some of the technology and processes used by cybersecurity professionals when protecting an organization’s network, equipment and data. First, it briefly covers the many types of firewalls, security appliances, and software that are currently used, including best practices.
Next, this chapter explains botnets, the kill chain, behavior-based security, and using NetFlow to monitor a network.
The third section discusses Cisco’s approach to cybersecurity, including the CSIRT team and the security playbook. It briefly covers the tools that cybersecurity professionals use to detect and prevent network attacks.