THE CISCO MIND SHARE GAME FULL VERSION IS AVAILABLE NOW!
The Cisco Mind Share Game is the most comprehensive Learning Game from Cisco yet! This fun and challenging game covers more than half the content of the CCENT / CCNA exam. It was designed to reinforce a variety of standard networking skills and help you practice these new skills in preparation for CCENT and CCNA Cisco certification exams.
The Mind Share Game FULL version covers 15 topics including:
- Binary number
- IOS fundamentals
- IP Addressing
- Ip routing
- NAT and PAT
- The osi model
- Subnetting
- Swith operation and behavior
- Wireless
Achieving a high score in the game requires a keen understanding of the technology, quick recall and recognition, and shrewd gaming strategy. The Cisco Mind Share Game is a great way to improve your speed and accuracy on Cisco certification exams and have fun at the same time! Be one of the first to own this entertaining learning tool from Cisco…you’ll see immediately why thousands of networking professionals use learning games as the killer app in their exam preparation arsenal.
Download and play the Demo Version for a preview of the Mind Share Game.
The Demo version features 5 of the FULL version’s 15 exciting sections, each playable at 3 levels of difficulty. It will leave you wanting more and now more is available in the FULL version.
Ref:
https://cisco.hosted.jivesoftware.com/docs/DOC-3820
CCNA Security 640-553 Cert Flash Cards Online available
The CCNA Security 640-553 Cert Flash Cards Online provides a concise review of all objectives on the IINS exam 640-553. This online exam preparation tool consists of a custom flash card application loaded with 250 total questions that test your skills and enhance retention of exam topics.
Questions are organized by exam objective, allowing you to focus your study on selected topics. You can choose to view cards in order or at random, and you can create custom sets from the entire bank of cards. The engine provides you with the ability to mark each question correct or incorrect and provides a detailed score report by category at the end of the exam. You can even write notes on each question and then get a printable PDF of all your notes aligned to the relevant questions.
These robust features make this a truly unique learning tool:
. Test your knowledge by entering your own answers
. Grade your answers against the correct answer
. Create custom question sets
. View detailed score reports
. Enter and print notes for each question
. Use on any device that has a web browser and Internet connection
CCNA Security 640-553 Cert Flash Cards Online is an online, internet-based service, available in both desktop and mobile device formats, allowing you to test yourself at home, at work, or on the go.
System Requirements:
Web browser and Internet connection
US: $24.99 / CAN: $29.99
Table of Contents
1. Describe the security threats facing modern network infrastructures
2. Secure Cisco[r] routers
3. Implement AAA on Cisco routers using local router database and external ACS
4. Mitigate threats to Cisco routers and networks using ACLs
5. Implement secure network management and reporting
6. Mitigate common Layer 2 attacks
7. Implement the Cisco IOS[r] IPS feature set using SDM
8. Implement site-to-site VPNs on Cisco Routers using SDM
source: http://www.ciscopress.com/bookstore/product.asp?isbn=1587058588
Tags: 640-553, Ressources, training
Change your IP address for testing purpose : free VPN service
Sometimes you need to change your IP address to see what others see of your network.
You can use the Loki Network utility to change your IP address and do some testing :
"Loki Network Project is free VPN service and SSL based free VPN server. It is an opportunity to protect your private data (IP address, e-mail/FTP/HTTP passwords, web-sites visited, uploaded/downloaded files and etc…) and bypass certain Internet access limitations you may have at your location.
An example, free Public Loki VPN Service allows you:
- Protect your data from being intercepted by various network sniffers in your LAN segment
- Safely bypass traffic interception and analyses on corporate, ISP or even country level firewall
Bypass any limitations in visiting web-sites or any other Internet services (if access to Loki VPN Servers is not blocked directly).
Loki Network Project can suggest two scenarios to protect your private data:
To use our Public VPN Service that includes set of Loki VPN Servers located in different countries. Guest access to our public service is free to use.
To create your custom service based on your own copy of VPN Server installed on your dedicated or home server. Community version of Loki VPN Server Desktop Edition is free for download and use.
According to all scenarios you have to download and install our free VPN Client software used to help you to create your own security schema.
Download it here : Version 1.2.0.9 Size 4 MB
Other useful link : http://www.freeproxy.ru/en/free_proxy/cgi-proxy.htm
Networking Essential Free Poster !
A free Networking Essentials Free Poster with cable types, Osi Layer, Protocles, Network Topologies, …
SDLC : Systems Development Life Cycle Poster
Systems Development Life Cycle (SDLC), or Software Development Life Cycle, in systems engineering and software engineering relates to models or methodologies, that people use to develop systems, generally computer systems.
OSI and the Cisco Three-Layer Hierarchical Model Poster
Free OSI and the Cisco Three-Layer Hierarchical Model poster from TextBuddy
Cisco System Development Life Cycle Mindmap
Tags: MindMap, System Development Life
Defense-in-Depth with defense in breadth
You can find in the Cisco certification guide for the Cisco 640-553 this explanation of the Defense-in-Depth security approach :
“Cisco recommends multiple and overlapping solutions. These overlapping solutions target different aspects of security, such as securing against insider attacks and securing against technical attacks. These solutions should also be subjected to routine testing and evaluation. Security solutions should also overlap in a way that eliminates any single point of failure.
Defense in Depth is a design philosophy that achieves this layered security approach. The layers of security present in a Defense in Depth deployment should provide redundancy for one another while offering a variety of defense strategies for protecting multiple aspects of a network. Any single points of failure in a security solution should be eliminated, and weak links in the security solution should be strengthened.”
But if you consider attacks targeting the different aspect of security : Confidentiality, Integrity, and Availability, (CIA) things are not such simpler.
Read this article on “Observations on the effects of defense in depth on adversary behavior in cyber warfare”. They have built different networks with different number of security layers. Then a team tried to catch flags that correspond to the realization of an attack on the different CIA security aspects for each network.
The goal is to see the factor between the number of security layer in each network and the corresponding time for the attacker to successfully launch all the three attack ( Confidentiality, Integrity, Availability)
The result is that to launch a read or modify attack the workload that take two hours at configuration level one and two, take 26 hours at level 3. The big change is in the time to develop the attack instead of launching it.
You can see that in the following graph :
But what happens to availability attacks ?
More you have systems, more you have possibility to exploit a vulnerability from the chain of systems and to denial service to it.
Look at the following graph :
Less time to launch a denial of services attack with more layer of security.
Therefore, what to do ? Plans carefully your different layer and the overlaps between them , think about not only the number, but the scope covered by the layer think about “Defense-in-Depth” with “Defense-in-breadth”.
The following graph from the US Transport Security Agency is an example of the “Defense-in-Depth” with “Defense-in-breadth” security approach, you have multiple layer that’s overlaps with each other to form a large area of defense.
Source : http://www.tsa.gov/what_we_do/layers/index.shtm
In conclusion, adding security layers to a system does not necessarily guarantee increased assurance. Introducing new layers of security has the potential to introduce new vulnerabilities, or control surfaces, for sophisticated adversaries to exploit. Defensive layers must be analyzed to gain a thorough understanding of how they work together before they are integrated into an operational system.
Excel workbook to create IPSec template for Cisco IOS
Use this sheet from TechRepublic to get a commented configuration IPsec template for your IOS devices.
Sample output from this tool:
- ipsec template result sample for Cisco IOS devices
You can download this tool here : ipsec_worksheet
SAN Security ressources from SanSecurity.com
A simple site with a FAQ and a lot of links concerning System Area Network Security :
Ressources :
http://www.sansecurity.com/san-security-articles.shtml
Here is the FAQ :