Policies to Know for Network+ (N10-007) – Data Loss Prevention

April 2, 2018 at 11:13 pm

A comprehensive data loss prevention (DLP) policy focuses on accidental or malicious data losses. DLP policies consider internal and external users and define practices to guard against the loss of sensitive data. The best DLP policies can also cover wide network integration rather than limiting themselves to certain areas of networking such as email.

Most DLP policies focus on the use of content-level scanning and deep content inspection (DCI) to identify sensitive data and protect it. DLP policies target activities at three levels:

  • Client level (data in operation)
  • Network level (data in transit)
  • Storage level (data at rest)

You should take the following actions when designing a DLP policy for your organization:

  • Consider any risk assessments your company has performed.
  • Incorporate key members of management from the various departments of your organization.
  • Identify the most sensitive data of the organization.
  • Outline a phased implementation of DLP and incorporate guidelines for tracking the success of the initiative.
  • Attempt to minimize any negative impacts on the business caused by the policy implementation.
  • Periodically review the DLP policy.
  • Include the appropriate event-monitoring specifics as they apply to the policy.

Policies to Know for Network+ (N10-007) – Password Policy

March 29, 2018 at 6:19 pm

Password Policy

Because more and more sensitive data is finding its way into storage on our networks, more security measures are required than ever before. As part of this, your organization needs to possess a well-crafted security policy, and this security policy should include a comprehensive password policy. As you’ll learn in this post, you should also provide detailed training on this part of the security policy.

Keep in mind that in addition to “simple” username and password combinations, many other powerful technologies found in the modern network are available for user authentication. These include:

  • One-time passwords (OTPs)
  • Client certificates
  • Smart cards
  • Biometrics
  • Multifactor authentication

Despite these additional security options, the “classic” password still plays a pivotal role in most networks. It is obvious by glancing at recent news headlines that user credentials represent a major area of attack.

Your password policy should include the following:

  • Education for end users
  • Strong password requirements, such as the following:
    • Minimum password lengths
    • Restrictions on the use of proper names
    • Password expiration
    • No previously used passwords allowed
    • No words spelled out completely within the password
    • The use of characters from the following groups:
      • Uppercase letters
      • Lowercase letters
      • Numbers
      • Special characters
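
The requirements listed above can be enforced when a user changes a password. The following Python is an added example, not code from the original post; the minimum length, the 90-day expiration window, the sample word list, and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import string
from datetime import date, timedelta

MIN_LENGTH = 12                 # assumed value; the post names the rule, not a number
MAX_AGE = timedelta(days=90)    # assumed expiration window
HISTORY_ITERATIONS = 100_000    # assumed PBKDF2 work factor
# Constructed sample word list; a real deployment would load a dictionary file.
WORDLIST = {"password", "network", "welcome", "summer", "dragon"}


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 hash so history entries are never stored in clear text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, HISTORY_ITERATIONS)


def in_history(password, history):
    """history is a list of (salt, digest) pairs for previously used passwords."""
    return any(hmac.compare_digest(hash_password(password, salt), digest)
               for salt, digest in history)


def check_password(password, proper_names, history):
    """Return the policy rules the candidate violates (empty list = accepted)."""
    lowered = password.lower()
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("min_length")
    if any(len(n) >= 3 and n.lower() in lowered for n in proper_names):
        violations.append("proper_name")
    if any(word in lowered for word in WORDLIST):
        violations.append("dictionary_word")
    groups = (string.ascii_uppercase, string.ascii_lowercase,
              string.digits, string.punctuation)
    if not all(any(c in g for c in password) for g in groups):
        violations.append("character_groups")
    if in_history(password, history):
        violations.append("reused")
    return violations


def is_expired(last_changed: date, today: date) -> bool:
    """Password expiration: a change is due once MAX_AGE has elapsed."""
    return today - last_changed > MAX_AGE
```

Returning every violated rule, rather than stopping at the first, lets the password-change form tell the user everything that needs fixing in one pass.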

Your password policy might also detail the use of password management software. This software stores passwords for different resources and can even help users generate complex passwords across these resources. Of course, the software itself must be protected with a strong password that the user should memorize.

My CompTIA N10-007 Network+ Book Has Arrived!

February 16, 2018 at 1:53 pm

Network+

The new Network+ exam is almost here! The new exam code is N10-007! That is great for all you James Bond fans out there! Are you ready to get started on your studies and crush this new and updated exam? My print book has arrived! Just click the cover below to place your order!

Learn, prepare, and practice for CompTIA Network+ N10-007 exam success with this CompTIA approved Cert Guide from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner.

  • Master CompTIA Network+ N10-007 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions
  • Learn from more than two hours of video mentoring

CompTIA Network+ N10-007 Cert Guide is a best-of-breed exam study guide. Best-selling author and expert instructor Anthony Sequeira shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. The material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The companion website also contains more than two hours of personal video mentoring from the author.

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The CompTIA approved study guide helps you master all the topics on the Network+ exam, including:

  • Computer networks and the OSI model
  • Network components
  • Ethernet
  • IP addressing
  • Routing traffic
  • Wide Area Networks (WANs)
  • Wireless Technologies
  • Network performance
  • Command-line utilities
  • Network management
  • Network policies and best practices
  • Network security
  • Troubleshooting

Cisco – Migrating from STP to RSTP

February 11, 2018 at 8:05 pm

CCIE

A frequent CCIE-level written exam topic is STP (PVST+) to RSTP (Rapid-PVST) migrations. This post covers the high points you should be aware of.

Some Quick Notes

  • BackboneFast and UplinkFast are no longer necessary in RSTP environments as the equivalent advantages are built into RSTP
  • BPDUs are version 2 in RSTP which is compatible with version 0
  • All ports now send BPDUs and they act as a keepalive mechanism
  • The new port roles are designated, root, alternate, and backup
  • The new port states are forwarding, discarding, and learning
  • The new port types are shared, edge (PortFast), and P2P
  • When an RSTP port receives a legacy BPDU, it reverts back to compatible behavior and performance enhancement benefits are lost
  • BackboneFast is configured on all switches in order to function in STP and UplinkFast is configured on access layer devices

Migrating

  • You are not forced into removing the BackboneFast and UplinkFast commands – if they are left in place, they do not impact the operation of RSTP
  • Removing the UplinkFast command impacts the bridge priority and port cost values, so be sure you consider this
  • CatOS (FLASHBACK!) does not permit the BackboneFast command within RSTP so you must remove it in that legacy case
  • Plan a phased migration and use a maintenance window as traffic flows can be impacted
  • The configuration of features such as PortFast, BPDUguard, BPDUfilter, root guard, and loopguard is also applicable in rapid-PVST+ mode

IPv6 Quiz – Cisco Bias

January 16, 2018 at 7:49 pm

IPv6

This latest quiz is focused on IPv6 with a bias to Cisco Systems. These questions are what one could expect on a CCNP or CCIE exam across various tracks. Enjoy!


Studying for the CCIE RS Written and Lab – EIGRP Stub

January 13, 2018 at 12:41 pm

Challenges

In this video, Anthony Sequeira gives a tip on how we should consider preparing for the CCIE written and lab exams simultaneously.

400-101 CCIE R&S Written – Free Resources – TCP Operations

December 30, 2017 at 9:48 am

TCP

Here are the free resources surrounding the Explain TCP Operations section of the CCIE R&S Written version 5.1 exam.

1.1.e Explain TCP Operations

  • 1.1.e.i IPv4 and IPv6 PMTU
  • 1.1.e.ii MSS
  • 1.1.e.iii Latency
  • 1.1.e.iv Windowing
  • 1.1.e.v Bandwidth delay product
  • 1.1.e.vi Global synchronization
  • 1.1.e Options

TCP Performance – The Internet Protocol Journal – Volume 3, No. 2

Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC

IP Application Services Configuration Guide, Cisco IOS Release 15M&T

IPv6 Addressing and Basic Connectivity Configuration Guide, Cisco IOS Release 15M&T

IP SLAs Configuration Guide, Cisco IOS Release 15M&T

TCP Options

TCP Global Synchronization 

TCP/IP Illustrated, Volume 1

CCIERS