CCNA

GIAC Certified Web Application Defender (GWEB)

Posted on March 20, 2018. Filed under: CCNA |

Description

The GIAC Web Application Defender certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common web application errors that lead to most security problems.

The successful candidate will have hands-on experience using current tools to detect and prevent Input Validation flaws, Cross-site scripting (XSS), and SQL Injection as well as an in-depth understanding of authentication, access control, and session management, their weaknesses, and how they are best defended.

GIAC Certified Web Application Defenders (GWEB) have the knowledge, skills, and abilities to secure web applications and recognize and mitigate security weaknesses in existing web applications.

Exam Certification Objectives & Outcome Statements

The topic areas for each exam part follow:

Access Control

The candidate will demonstrate understanding of access control attacks and mitigation strategies, as well as applying the best practice in avoiding access control issues.

AJAX Technologies and Security Strategies

The candidate will demonstrate an understanding of Asynchronous JavaScript and XML (AJAX) architecture, common attacks against AJAX technologies and best practices for securing applications using AJAX.

Authentication

The candidate will demonstrate understanding of web authentication, single sign on methods, third party session sharing and common weaknesses, as well as how to develop test strategies, and apply best practices.

Business Logic and Concurrency

The candidate will demonstrate a general understanding of business logic flaws and concurrency issues in web applications, and how to test for and mitigate against these weaknesses.

Cross Origin Policy Attacks and Mitigation

The candidate will demonstrate an understanding of methods attackers use to circumvent single origin policy enforcement and best practices for preventing, detecting or mitigating these attacks in web applications.

Cross Site Scripting

The candidate will demonstrate an understanding of what cross site scripting is and how to use best practices and browser controls to prevent it.

CSRF

The candidate will demonstrate understanding of the conditions that make a CSRF attack possible, the steps an attacker takes and how to mitigate CSRF attacks.

Encryption and Protecting Sensitive Data

The candidate will demonstrate understanding of how cryptographic components work together to protect web application data in transit and in storage and also when and where to use encryption or tokenization to protect sensitive information.

Incident Detection and Handling

The candidate will demonstrate an understanding of the controls and processes used to log errors and events, how to mitigate automated bot and spam scripts, and how to detect and respond to incidents in the web application environment.

Input Validation and Encoding

The candidate will demonstrate understanding of the threats related to user inputs of web applications and the strategies and general practice to handle user input properly to mitigate input related attacks.

Rich Interface Addon Security

The candidate will demonstrate an understanding of common Rich InterfaceApplication (RIA) platforms (such as Flash, Silverlight, HTML5), common attacks against these technologies and best practices for securing applications using RIA.

Session Management

The candidate will demonstrate understanding of what sessions are, how to test and mitigate common weaknesses, and how to properly implement session tokens and cookies in a web application.

SQL Injection

The candidate will demonstrate an understanding of what SQL Injection is and how to use best practices to prevent it.

Vulnerability Management and Penetration Testing

The candidate will demonstrate understanding of at a high level the processes for managing vulnerabilities and penetration testing a web application.

Web Environment Configuration Hardening

The candidate will demonstrate an understanding of environmental controls and operational procedures needed to secure servers and services that host web applications.

Web Mechanism and Architecture Security

The candidate will demonstrate understanding of the building blocks of web applications and how components work together to provide HTTP content as well as high level attack trends.

Web Services Security

The candidate will demonstrate an understanding of Service Oriented Architecture (SOA), common attacks against web services components (SOAP, XML, WSDL, etc) and best practices for securing web services.

Advertisements
Read Full Post | Make a Comment ( None so far )

Is the blog stats still work?

Posted on April 10, 2016. Filed under: CCNA |

  • 552,216 hits at April 10th., 2016.

yes, it is still increasing.

Read Full Post | Make a Comment ( None so far )

xyznetwork.blogspot.com url

Posted on April 3, 2016. Filed under: CCNA |

http://xyznetwork.blogspot.com/2015/02/switch-foundation.html xxxxx ICND1 And ICND2 Break Down

http://xyznetwork.blogspot.com/2011/07/switch-foundation_21.html xxxxx Switch foundation

http://xyznetwork.blogspot.com/2010/02/why-minimum-ethernet-packet-size-is-64_52.html xxxxx why the minimum ethernet packet size is 64 bytes

http://xyznetwork.blogspot.com/2010/01/answer-for-dnd2_7.html xxxxx Answer for DnD2

http://xyznetwork.blogspot.com/2009/11/wan-trouble-shooting-commands_12.html xxxxx WAN trouble-shooting commands

http://xyznetwork.blogspot.com/2009/11/public-switched-telephone-network-pstn_12.html xxxxx public switched telephone network (PSTN)

http://xyznetwork.blogspot.com/2009/11/what-is-wan_12.html xxxxx What is WAN

http://xyznetwork.blogspot.com/2009/10/switchrouter-interfaces-and-physical_58.html xxxxx Switch/Router Interfaces and Physical Ports

http://xyznetwork.blogspot.com/2009/10/basic-router-management-commands_96.html xxxxx Basic Router Management Commands

http://xyznetwork.blogspot.com/2009/10/wlan-security.html xxxxx WLAN Security

http://xyznetwork.blogspot.com/2009/10/enable-password-vs-enable-secret_14.html xxxxx enable password vs enable secret

http://xyznetwork.blogspot.com/2009/10/cisco-ios-software-overview_99.html xxxxx Cisco IOS software overview

http://xyznetwork.blogspot.com/2009/10/host-to-host-communication_99.html xxxxx Host-to-Host communication

http://xyznetwork.blogspot.com/2009/10/host-to-host-communication-through_10.html xxxxx Host-to-Host communication through a Switch

http://xyznetwork.blogspot.com/2009/10/ethernet-lan-segments_9.html xxxxx Ethernet LAN Segments

http://xyznetwork.blogspot.com/2009/10/ethernet-frame_22.html xxxxx Ethernet Frame

http://xyznetwork.blogspot.com/2009/10/what-is-lan_32.html xxxxx What is a LAN ?

http://xyznetwork.blogspot.com/2009/10/tcpip-applications_92.html xxxxx TCP/IP Applications

http://xyznetwork.blogspot.com/2009/10/udp-header_5.html xxxxx UDP Header

http://xyznetwork.blogspot.com/2009/10/tcp-header_5.html xxxxx TCP Header

http://xyznetwork.blogspot.com/2009/10/ip-and-icmp-protocols_16.html xxxxx IP and ICMP protocols

http://xyznetwork.blogspot.com/2009/10/cidr-network-address_17.html xxxxx CIDR network address

http://xyznetwork.blogspot.com/2009/10/private-ip-address-ranges_97.html xxxxx Private IP address ranges

http://xyznetwork.blogspot.com/2009/10/ip-addressing_20.html xxxxx IP addressing

http://xyznetwork.blogspot.com/2009/09/the-need-for-network-security_86.html xxxxx The need for network security

http://xyznetwork.blogspot.com/2009/09/classes-of-attack_25.html xxxxx Classes of Attack

http://xyznetwork.blogspot.com/2009/09/ccent-final-practice-exam-4-22-question_23.html xxxxx CCENT Final Practice Exam 4 — 22 Question Set

http://xyznetwork.blogspot.com/2009/09/ccent-final-exam-practice-1-50-question_97.html xxxxx CCENT Final Exam Practice 1 — 50 Question Set

http://xyznetwork.blogspot.com/2009/09/ccent-final-exam-practice-2-50-question_41.html xxxxx CCENT Final Exam Practice 2 — 50 Question Set

http://xyznetwork.blogspot.com/2009/09/ccna-practice-exam-1-50-question-set_19.html xxxxx CCNA Practice Exam 1– 50 Question Set

http://xyznetwork.blogspot.com/2009/09/configuring-cisco-asapix-7x-for-ssh_2.html xxxxx Configuring Cisco ASA/PIX 7.x for SSH

http://xyznetwork.blogspot.com/2009/09/routing-process-continued-behind-ping_41.html xxxxx Routing Process Continued — Behind the PING

http://xyznetwork.blogspot.com/2009/08/5-4-3-rule.html xxxxx 5-4-3 rule

http://xyznetwork.blogspot.com/2009/08/module-11-exam_59.html xxxxx Module 11 Exam

http://xyznetwork.blogspot.com/2009/08/exam-14-15-question-set_14.html xxxxx Exam 14 — 15 Question Set

http://xyznetwork.blogspot.com/2009/08/module-10-exam_54.html xxxxx Module 10 Exam

http://xyznetwork.blogspot.com/2009/08/exam-12-20-question-set.html xxxxx Exam 12 — 20 Question Set

http://xyznetwork.blogspot.com/2009/08/module-9-exam_6.html xxxxx Module 9 Exam

http://xyznetwork.blogspot.com/2009/08/module-8-exam_8.html xxxxx Module 8 Exam

http://xyznetwork.blogspot.com/2009/08/module-7-exam_18.html xxxxx Module 7 Exam

http://xyznetwork.blogspot.com/2009/08/module-6-exam_74.html xxxxx Module 6 Exam

http://xyznetwork.blogspot.com/2009/08/module-5-exam_21.html xxxxx Module 5 Exam

http://xyznetwork.blogspot.com/2009/08/ccent-module-4-exam_20.html xxxxx CCENT Module 4 Exam

http://xyznetwork.blogspot.com/2009/08/module-3-exam_38.html xxxxx Module 3 Exam

http://xyznetwork.blogspot.com/2009/08/module-2-exam_4.html xxxxx Module 2 Exam

http://xyznetwork.blogspot.com/2009/08/modual-1-exam_47.html xxxxx Modual 1 Exam

http://xyznetwork.blogspot.com/2009/08/ccent-final-practice-exam-3-51-question_91.html xxxxx CCENT Final Practice Exam 3 — 51 Question Set

http://xyznetwork.blogspot.com/2009/08/ccent-final-exam-3-51-question-set_9.html xxxxx CCENT Final Exam 3 — 51 question set

http://xyznetwork.blogspot.com/2009/08/floating-static-route_26.html xxxxx Floating Static Route

http://xyznetwork.blogspot.com/2009/08/ccna-and-ccent-practice-exam-questions_30.html xxxxx CCNA And CCENT Practice Exam Questions — 10 Questions On The OSI And\nTCP/IP Models

http://xyznetwork.blogspot.com/2009/08/answers-for-interconnecting-cisco_94.html xxxxx Answers for Interconnecting Cisco Networking Devices (ICND) Practice\nQuestions-Module 6

http://xyznetwork.blogspot.com/2009/08/answers-for-iinterconnecting-cisco.html xxxxx Answers for IInterconnecting Cisco Networking Devices (ICND) Practice\nQuestions – Module 5

http://xyznetwork.blogspot.com/2009/08/answers-for-iinterconnecting-cisco_46.html xxxxx Answers for IInterconnecting Cisco Networking Devices (ICND) Practice\nQuestions – Module 5

http://xyznetwork.blogspot.com/2009/08/answers-for-interconnecting-cisco_37.html xxxxx Answers for Interconnecting Cisco Networking Devices (ICND) Practice\nQuestions-Module 4

http://xyznetwork.blogspot.com/2009/08/telnet-and-ssh-maintenance-commands_56.html xxxxx Telnet and SSH Maintenance Commands

http://xyznetwork.blogspot.com/2009/08/l1-and-l2-troubleshooting_20.html xxxxx L1 and L2 Troubleshooting

http://xyznetwork.blogspot.com/2009/08/cisco-discovery-protocol-cdp_20.html xxxxx Cisco Discovery Protocol (CDP)

http://xyznetwork.blogspot.com/2009/08/preventing-virus-attacks_20.html xxxxx Preventing Virus Attacks

http://xyznetwork.blogspot.com/2009/08/antena-types_18.html xxxxx Antena types

http://xyznetwork.blogspot.com/2009/08/spread-spectrum_18.html xxxxx Spread spectrum

http://xyznetwork.blogspot.com/2009/08/physical-side-of-cisco-switches_23.html xxxxx Physical Side of Cisco Switches

http://xyznetwork.blogspot.com/2009/08/physical-connections-and-passwords_31.html xxxxx Physical Connections and Passwords

http://xyznetwork.blogspot.com/2009/08/basic-switch-security_35.html xxxxx Basic Switch Security

http://xyznetwork.blogspot.com/2009/08/cisco-3-layered-model_15.html xxxxx Cisco's 3 Layered Model

http://xyznetwork.blogspot.com/2009/08/forwarding-modes_14.html xxxxx Forwarding modes

http://xyznetwork.blogspot.com/2009/08/the-data-transmission-process_14.html xxxxx The Data Transmission Process

http://xyznetwork.blogspot.com/2009/08/the-tcpip-model_14.html xxxxx The TCP/IP Model

http://xyznetwork.blogspot.com/2009/08/answers-for-interconnecting-cisco_19.html xxxxx Answers for Interconnecting Cisco Networking Devices (ICND) Practice\nQuestions -Module 3

http://xyznetwork.blogspot.com/2009/08/crosstalk_31.html xxxxx Crosstalk

http://xyznetwork.blogspot.com/2009/08/answers-for-interconnecting-cisco_11.html xxxxx Answers for Interconnecting Cisco Networking Devices (ICND) Practice\nQuestions – Module 2

http://xyznetwork.blogspot.com/2009/08/what-is-ccna-voucher-ccna-exam-voucher_11.html xxxxx What is CCNA Voucher, CCNA Exam Voucher, CCNA Discount Voucher, or CCNA\nCertification Voucher

http://xyznetwork.blogspot.com/2009/08/decimal-binary-binary-decimal_22.html xxxxx Decimal > Binary, Binary > Decimal

http://xyznetwork.blogspot.com/2009/08/convert-binary-numbers-and-ip-addresses_92.html xxxxx Convert Binary Numbers and IP Addresses

http://xyznetwork.blogspot.com/2009/08/subnetting-scenarios_10.html xxxxx Subnetting Scenarios

http://xyznetwork.blogspot.com/2009/08/subnetting-basics_10.html xxxxx Subnetting Basics

http://xyznetwork.blogspot.com/2009/08/static-routing-theory_9.html xxxxx Static Routing Theory

http://xyznetwork.blogspot.com/2009/08/comparing-rip-versions-1-and-2_9.html xxxxx Comparing RIP Versions 1 and 2

http://xyznetwork.blogspot.com/2009/08/intro-to-pix-asa-ids-and-ips_4.html xxxxx Intro to PIX, ASA, IDS, and IPS

http://xyznetwork.blogspot.com/2009/08/the-attackers-arsenal_33.html xxxxx The Attacker’s Arsenal

http://xyznetwork.blogspot.com/2009/08/viruses-worms-and-trojan-horses_9.html xxxxx Viruses, Worms, and Trojan Horses

http://xyznetwork.blogspot.com/2009/08/firewalls-and-proxy-servers_70.html xxxxx Firewalls and Proxy Servers

http://xyznetwork.blogspot.com/2009/08/introduction-to-frame-relay_5.html xxxxx Introduction to Frame Relay

http://xyznetwork.blogspot.com/2009/08/logging-synch-and-exec-timeout_45.html xxxxx “logging synch”, and “exec-timeout”

http://xyznetwork.blogspot.com/2009/08/the-configuration-register_5.html xxxxx The Configuration Register

http://xyznetwork.blogspot.com/2009/08/introduction-to-atm_5.html xxxxx Introduction to ATM

http://xyznetwork.blogspot.com/2009/08/hdlc-and-ppp_4.html xxxxx HDLC and PPP

http://xyznetwork.blogspot.com/2009/08/wan-interface-of-cisco-router-and-wan_4.html xxxxx WAN interface of Cisco Router and WAN cabling

http://xyznetwork.blogspot.com/2009/08/modem-and-dsl-variations_3.html xxxxx Modem and DSL variations

http://xyznetwork.blogspot.com/2009/08/physical-side-of-wans_30.html xxxxx Physical Side of WANs

http://xyznetwork.blogspot.com/2009/07/managing-startup-files-and-ios-images_31.html xxxxx Managing Startup Files and IOS Images

http://xyznetwork.blogspot.com/2009/07/setup-mode_31.html xxxxx Setup Mode

http://xyznetwork.blogspot.com/2009/07/cisco-router-memory_31.html xxxxx Cisco Router Memory

http://xyznetwork.blogspot.com/2009/07/startup-sequence_31.html xxxxx Startup Sequence

http://xyznetwork.blogspot.com/2009/07/an-overview-of-wireless-security_30.html xxxxx An overview of Wireless Security

http://xyznetwork.blogspot.com/2009/07/ssids-and-mac-address-authentication_30.html xxxxx SSIDs and MAC Address Authentication

http://xyznetwork.blogspot.com/2009/07/csmaca-vs-csmacd_30.html xxxxx CSMA/CA vs CSMA/CD

http://xyznetwork.blogspot.com/2009/07/ieee-80211-standards-comparison_30.html xxxxx IEEE 802.11 Standards Comparison

http://xyznetwork.blogspot.com/2009/07/intro-to-wireless-lan_30.html xxxxx Intro to Wireless LAN

http://xyznetwork.blogspot.com/2009/07/setting-switchrouter-banner_92.html xxxxx Setting Switch/Router Banner

http://xyznetwork.blogspot.com/2009/07/intro-to-cisco-security-device-manager_24.html xxxxx Intro to Cisco Security Device Manager (SDM)

http://xyznetwork.blogspot.com/2009/07/intro-to-routing-process_53.html xxxxx Intro to the Routing Process

http://xyznetwork.blogspot.com/2009/07/keystroke-shortcuts-and-manipulating_93.html xxxxx Keystroke Shortcuts and Manipulating History

http://xyznetwork.blogspot.com/2009/07/basic-management-commands-for-switch_99.html xxxxx Basic Management Commands for The Switch

http://xyznetwork.blogspot.com/2009/07/switch-virtual-lans_23.html xxxxx Switch Virtual LANs

http://xyznetwork.blogspot.com/2009/07/switch-port-security-defaults-options_58.html xxxxx Switch Port Security Defaults, Options and Configurations

http://xyznetwork.blogspot.com/2009/07/introduction-to-stp_71.html xxxxx Introduction to STP

http://xyznetwork.blogspot.com/2009/07/repeaters-hubs-bridges-switches-and_6.html xxxxx Repeaters, Hubs, Bridges, Switches and Routers

http://xyznetwork.blogspot.com/2009/07/bridges-and-switches-flood-filter-or.html xxxxx Bridges and Switches — Flood, Filter or Forward?

http://xyznetwork.blogspot.com/2009/07/ethernet-addressing.html xxxxx Ethernet Addressing

http://xyznetwork.blogspot.com/2009/07/ip-addressing.html xxxxx IP Addressing

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-pins-and-transmissions.html xxxxx ICND1 break down – Pins And Transmissions

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-operation-of-csmacd.html xxxxx ICND1 break down – Operation of CSMA/CD

http://xyznetwork.blogspot.com/2009/07/ethernet-standards.html xxxxx Ethernet Standards

http://xyznetwork.blogspot.com/2009/07/ethernet-standards_21.html xxxxx Ethernet Standards

http://xyznetwork.blogspot.com/2009/07/arp-rarp-and-dhcp.html xxxxx ARP, RARP and DHCP

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-telnet-and-ssh.html xxxxx ICND1 break down — Telnet and SSH

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-dns-basic.html xxxxx ICND1 break down — DNS Basic

http://xyznetwork.blogspot.com/2009/07/debugging-internet-routing-problems.html xxxxx Debugging Internet Routing Problems with Traceroute

http://xyznetwork.blogspot.com/2009/07/data-transmission.html xxxxx Data Transmission

http://xyznetwork.blogspot.com/2009/07/ports-sockets-port-numbers-and.html xxxxx Ports, Sockets, Port Numbers and Multiplexing

http://xyznetwork.blogspot.com/2009/07/need-seniorlead-java-oracle-web.html xxxxx NEED – Senior/Lead Java, Oracle, Web Developer & Analyst

http://xyznetwork.blogspot.com/2009/07/software-applications-developer.html xxxxx Software Applications Developer Position Available in Florham Park, NJ

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-broadcasts-unicasts.html xxxxx ICND1 break down — Broadcasts, Unicasts, And Multicasts

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-pings-and-extended.html xxxxx ICND1 break down — Pings and extended pings

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-osi-model-review.html xxxxx ICND1 break down — An OSI Model Review

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-switchrouter-passwords.html xxxxx ICND1 break down — Switch/Router Passwords And Encryption

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-router-configuration.html xxxxx ICND1 break down — Router Configuration Modes

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-configuration-modes.html xxxxx ICND1 break down — Configuration Modes

http://xyznetwork.blogspot.com/2009/07/icnd1-break-down-what-is-network.html xxxxx ICND1 break down — What is A Network

http://xyznetwork.blogspot.com/2009/07/iphone-developer.html xxxxx Iphone Developer

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-6-router-as.html xxxxx CCNA Lab Video Tutorial 6 – Router as DHCP Server

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-5-internet.html xxxxx CCNA Lab Video Tutorial 5 – Internet Connections with NAT and PAT

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-4-ref3-ospf.html xxxxx CCNA Lab Video Tutorial 4 – Ref3 – OSPF Routing Command

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-4-ref2-eigrp.html xxxxx CCNA Lab Video Tutorial 4 – ref2 – EIGRP Routing Command

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-4-ref1-static.html xxxxx CCNA Lab Video Tutorial 4 – ref1 – STATIC Routing Command

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-4-configuring.html xxxxx CCNA Lab Video Tutorial 4 – Configuring STATIC ROUTING, RIP, EIGRP and\nOSPF

http://xyznetwork.blogspot.com/2009/07/640-802-ccna-exam-topics-blueprint.html xxxxx 640-802 CCNA® Exam Topics (Blueprint)

http://xyznetwork.blogspot.com/2009/07/640-816-icnd2-exam-topic-blueprint.html xxxxx 640-816 ICND2 Exam Topic (Blueprint)

http://xyznetwork.blogspot.com/2009/07/looking-for-network-serives.html xxxxx Looking for Network Serives professionals

http://xyznetwork.blogspot.com/2009/07/cisco-router-basic-commands-video.html xxxxx Cisco Router Basic Commands video tutoial – Configure Routing Protocal

http://xyznetwork.blogspot.com/2009/07/cisco-router-basic-commands-video_8.html xxxxx Cisco Router Basic Commands video tutoial – Configure Serial interface

http://xyznetwork.blogspot.com/2009/07/cisco-router-basic-commands-video_19.html xxxxx Cisco Router Basic Commands video tutoial – Configure FastEthernet\ninterface

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-3-cisco-router.html xxxxx CCNA Lab Video Tutorial 3 – Cisco Router Basic Commands

http://xyznetwork.blogspot.com/2009/07/package-tracer-video-tutorial-trouble.html xxxxx Package Tracer Video Tutorial – Trouble Shooting

http://xyznetwork.blogspot.com/2009/07/packet-tracer-video-tutorial-connect.html xxxxx Packet Tracer video tutorial – Connect two Switches with a Router

http://xyznetwork.blogspot.com/2009/07/packet-tracer-video-tutorial-getting.html xxxxx Packet Tracer video tutorial – Getting started

http://xyznetwork.blogspot.com/2009/07/packet-tracer-video-tutorial-dhcp-setup.html xxxxx Packet Tracer video tutorial -DHCP setup

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-2-packet-tracer.html xxxxx CCNA Lab Video Tutorial 2 – Packet Tracer Interface overview

http://xyznetwork.blogspot.com/2009/07/ccna-lab-video-tutorial-1-ccna-virtue.html xxxxx CCNA Lab Video Tutorial 1 – CCNA virtue lab with Packet Tracer

http://xyznetwork.blogspot.com/2009/07/cisco-iso-simulator-for-linux.html xxxxx Cisco ISO simulator for Linux

http://xyznetwork.blogspot.com/2009/07/linux-router-vs-cisco-router.html xxxxx Linux router vs Cisco router

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-tcp-and-udp.html xxxxx ICND1 break down — TCP and UDP

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-network-topologies.html xxxxx ICND1 break down — Network Topologies

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-ethernet-connectors.html xxxxx ICND1 break down — Ethernet Connectors and Cable Types

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-cable-category-cat-1.html xxxxx ICND1 break down — Cable Category (cat 1, cat2, cat3, cat4, cat5, cat6)

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-ip-address-classes.html xxxxx ICND1 break down — IP Address Classes

http://xyznetwork.blogspot.com/2009/06/icnd-practice-questions-module-1.html xxxxx ICND Practice Questions- Module 1

http://xyznetwork.blogspot.com/2009/06/contact-me.html xxxxx Contact Me

http://xyznetwork.blogspot.com/2009/06/contact-me_26.html xxxxx Contact Me

http://xyznetwork.blogspot.com/2009/06/thank-you-for-message.html xxxxx Thank you for the message

http://xyznetwork.blogspot.com/2009/06/mobile-application-web-developer.html xxxxx Mobile Application Web Developer

http://xyznetwork.blogspot.com/2009/06/icnd1-break-down-nat-pat.html xxxxx ICND1 break down — NAT & PAT

http://xyznetwork.blogspot.com/2009/06/nat-pat.html xxxxx NAT & PAT

http://xyznetwork.blogspot.com/2009/06/ccna-lab-how-to-setup-vpn-server-at-home.html xxxxx CCNA Lab: How to setup VPN Server at home

http://xyznetwork.blogspot.com/2009/06/icnd1-and-icnd2-break-down.html xxxxx ICND1 and ICND2 break down

http://xyznetwork.blogspot.com/2009/06/should-you-take-single-or-two-exam.html xxxxx Should You Take The Single or the Two Exam Approach To CCNA?

http://xyznetwork.blogspot.com/2009/06/640-822-icnd1-exam-topics-blueprint.html xxxxx 640-822 ICND1 Exam Topics (Blueprint)

http://xyznetwork.blogspot.com/2009/06/java-developers-needed-in-charlotte.html xxxxx Java developers needed in Charlotte, NC….please refer ($) if you can\n- thanks!! (expired…)

http://xyznetwork.blogspot.com/2009/06/top-it-certification-websites.html xxxxx Top IT certification websites

http://xyznetwork.blogspot.com/2009/06/the-resources-for-it-test.html xxxxx The resources for IT test

http://xyznetwork.blogspot.com/2009/06/what-test-to-take-make-plan.html xxxxx What Test to take? — Make Plan

http://xyznetwork.blogspot.com/2009/06/friend-blogs.html xxxxx friend blogs

http://xyznetwork.blogspot.com/2009/06/hello-world.html xxxxx Hello world!

Read Full Post | Make a Comment ( None so far )

Protected: Q & A 1

Posted on November 2, 2012. Filed under: Others |

This content is password protected. To view it please enter your password below:

Read Full Post | Make a Comment ( Enter your password to view comments. )

SANS Developer 541 Secure Coding In Java/JEE: Developing Defensible Applications

Posted on November 2, 2012. Filed under: CCNA |

You will have 180 minutes to complete 75 questions.

This exam features scoring that enables you to monitor your progress in near real time. After you have answered your fifteenth question, you will see the checkpoint score for the first 15 answers. This allows you to roughly monitor how you are progressing relative to the passing score of the exam. The checkpoint score will be updated at fifteen question intervals. For example: in this 75 question exam, an updated checkpoint score will be displayed after answering 15, 30, 45, 60, and 75 questions respectively.

If you experience any technical problems during your exam that involve a loss of exam time, please notify your proctor immediately and mention that GIAC exams are Running Clock Exams. The exam clock does not stop when there is a technical issue, and lost time must be added back by GIAC Exam Support.

Answer each question to the best of your ability on the exam. We encourage you to provide feedback to improve the certification process. You will have the opportunity to mark 10 questions for review by the GIAC exam team. To mark a question for review, click the “Flag Previous” button at the top-right of the exam console AFTER you have answered the question. You will NOT be able to go back and answer these questions again.

Please flag any questions that you feel contain:

  • Typographical errors (spacing, formatting, etc.)
  • Spelling and grammatical errors
  • Technical inaccuracies
  • More than one right answer

At the conclusion of your exam, you will have a chance to comment on the questions you marked individually. If you have specific comments or questions please provide as much information as possible.

GIAC does NOT award credit on commented exam questions, however, your comments will still be used to improve the exam.

You have the option to skip 5 questions during your exam. These questions will not be displayed again until you are close to the end of the exam. You also have the option to take 1, 15-minute break during the course of your exam. Please note, however, that any questions you skip during the exam, must be answered by clicking the “Answer Skipped” button BEFORE you take a break.

During your practice exam, you will be shown explanations by default on questions you answer incorrectly. You may optionally choose to see explanations for ALL questions you encounter on your exam, as well as disable showing explanations all-together by selecting the appropriate option at the top-right corner of the exam console.

For security reasons you will NOT be able to view the answer options for marked questions. Take any notes you require during your exam, because you will NOT be able to go back. You will have the opportunity to complete an exam evaluation at the conclusion of the exam. We welcome your comments.

For further information regarding the feedback procedure, please see the Exam Feedback Procedure page.

The questions used on this exam are considered confidential. You are NOT permitted to discuss or distribute them. Unauthorized disclosure or discussion of test questions is an ethics violation under GIAC and may result in financial liability.

DO NOT use your browser’s back button or refresh button once you start your exam. This can cause unpredictable results.

Before each GIAC exam is begun, environment and connectivity tests are performed to ensure our testing environment is supported.

Your time starts once you press the ‘Start Exam’ button below.


I declare that I am in fact the individual registered and authorized to attempt the GIAC exam. I understand that the requirements for the GIAC exam must be completed in full by me and me alone.

I understand that GIAC exams are proprietary material owned by GIAC and The SANS Institute and subject to trade secret law. I understand that all exams and related information are made available to me strictly for the purpose of skills assessment. I agree that I will not divulge any GIAC exam or exams, in whole or in part, or information pertaining to them, in any form, or by any means, without the express permission of GIAC and/or The SANS Institute.

I understand that not following the above stated policies is an ethics violation under GIAC and may result in financial liability, in addition to revocation of my GIAC certification(s).

I agree to submit any dispute to binding arbitration and all arbitration will take place in the State of Maryland.

Please enter your full name below to “sign” this page and to indicate that you agree with these rules.

I have read and agree to abide by the GIAC Code of Ethics.

Read Full Post | Make a Comment ( None so far )

Remove exchanged link kuliahku.com

Posted on July 22, 2011. Filed under: Others |

Tech blog http://kuliahku.com domain name is no longer exist, removes it from Blog roll, thanks for exchanging link with me, kuliahku!

Read Full Post | Make a Comment ( None so far )

Switch foundation

Posted on July 22, 2011. Filed under: ICND2 break down |

content moved, check updated Switch Basic Concept Review on xyznetwork.blogspot.com

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

In this class, we will review the basic concepts learned in ICND1 – Lession 3 Switching.

  • Switch is a Layer 2 network device, it forward frames based on the destination MAC address.
  • MAC Address table: When switch receives frame from new source MAC address, it creates an entry in its MAC address table or content addressable memory (CAM) table. This entry is the receiving port and the source MAC address of the frame.
  • Flooding: when switch forward a frame, it will check its CAM table for the destination MAC address. If there is an entry for the destination MAC, it forwards to that port, otherwise it forwards to all ports, except the port the frame was originally received from, this is called flooding.
  • Switching Loops and Broadcast storm: in muti-linked networks, redundent links can form a loop, called switching loop. A frame with new source MAC address can tranverse a switching loop and gets repeatly broadcasted, which is called broadcast storm. To prevent broadcast storm, STP protocal is used.

There are 3 main switch transmission methods:

  • Store-and-Forward: stores a receiving frame in memory and runs CRC check, and only forward frame if CRC passes.
  • Cut-Trough: only looks at enough of the frame for destination and forward.
  • Fragment-Free: checks the first 64 tytes of a frame before forwarding, because most of the collision happened in the first 64 bypes.
Read Full Post | Make a Comment ( None so far )

why the minimum ethernet packet size is 64 bytes

Posted on February 26, 2010. Filed under: CCNA |

latest content

 

 

 

 

 

 

 

 

The following is the answer for ATul Singh about Ethernet Frame:

The smallest packet size is 64 bytes.
14 bytes (MAC Header) + 46 bytes (Data) + 4 bytes (CRC) = 64 bytes

The smallest packet size is defined in RFC document (RFC894), I don’t know why IEEE like the number 64. As far as I concern, physics sets a low bound for the packet size. let’s review what we have learned in operation of CSMA/CD :

“If two NICs simultaneously try transmit, then both could see no carrier signal in the medium, thus decide to transmit and a collision will occur.  Collision Detection (CD) resolved this problem. When there is data waiting to be sent, each transmitting NIC will observe if a collision occurs (excess current i.e. >24mA for coaxial Ethernet). If  collision is detected, it stops transmission and sends a 32-bit jam signal instead. The receiving NIC will discard the corrupted frame due to the jam signal.”

Remember, a packet is a electromagnetic wave. For small sized packet, the wave is narrower, for large sized packet, the wave is wider.

In the following pictures, the squres represent ethernet cable, the curves represent ethernet packets (or electromagnetic waves). Suppose the node at point A and node at point C send two packets simultaneously, the node at point B will receive a corrupted data.

picture 3 is the normal situation where the packet size is large or the eletromagnetic wave is wider. When the eletromagnetic waves overlap (or packets collide) at node B, they also overlap at Node A and Node C. Therefore, both node A and node C sensed excess current and terminated the packet transmission and sent jam signals instead. Node B receives jam, discarded the corrupted packet.

In picture 1 and 2, since the packet size is too small, problem arises.

As picture 1 shows, at time 0, node A send a packet towards node B and C, while node C sends a packet towards node B and A at the same time.

As picture 2 shows, at time t, the eletromagnetic waves overlap (or packets collide) at node B, but they are not overlap at Node A or Node C. As a result, neither node A nor node C sensed excessive current, so no jam signals sent. In another words, a collision is not discovered and node B happily accepted the corrupted data!

IEEE might do their research and calculation, and find out that 32 bit packets may be too small for large LANs, 64 bit packet is large enough for even the largest LANs, so they picked the number 64. Just my guess.

Read Full Post | Make a Comment ( 1 so far )

WAN trouble-shooting commands

Posted on November 12, 2009. Filed under: CCNA, ICND1 break down |

content moved, check updated WAN Trouble-shooting on xyznetwork.blogspot.com

 

 

 

 

 

 

 

 

 

 

 

 

 

Let’s talk a little bit about IOS commands for WAN trouble-shooting.

To verify the physcial cable connection on the routers, “show controller serial 1”, where serial 1 is the serial port the cable attached to.

R1#show controller serial 1

For the sake of trouble-shooting, we may want to use command “show interface serial1” to gain more information about the interfaces. Sometimes we find that the physical interface is up and the line procol down, generally there could be two reasons

We forget to set the clock rate on DCE. The line protocal will be down after 30 seconds, because the DTE need to receive the clock rate to work correctly. To set the clock rate on the DCE, use command “clock rate 56000” to set the clock rate to, for instance, 56 kbps.

The encapsulation type mismatch on both ends of the connection.

For example, if we physically connected router R1 and R2, but set different encapsulation type on them.

R1#encapsulation ppp

R2#encapsulation hdlc

Then, we will see physical interface up and line prococal down by running command “show interface serial1” on both router R1 and R2. To resolve the problem, we issue command “encapsulation hdlc” on R1 or issue command “encapsulation ppp” on R2, so that the encapsulation type matches on both ends of the serial link.

Read Full Post | Make a Comment ( 4 so far )

CCENT Final Practice Exam 4 — 22 Question Set

Posted on September 9, 2009. Filed under: CCNA |

Answers and Explanations

01. Why would a network administrator configure port security on a switch?
(A) to prevent unauthorized Telnet access to a switch port
(B) to limit the number of Layer 2 broadcasts on a particular switch port
(C) to prevent unauthorized hosts from accessing the LAN
(D) to protect the IP and MAC address of the switch and associated ports
(E) to block unauthorized access to the switch management interfaces over common TCP ports
 

02. Which form of NAT maps multiple private IP addresses to a single registered IP address by using different ports?
(A) static NAT
(B) dynamic NAT
(C) overloading
(D) overlapping
(E) port loading
 

03. What should be part of a comprehensive network security plan?
(A) Allow users to develop their own approach to network security
(B) Physically secure network equipment from potential access by unauthorized individuals
(C) Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten
(D) Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported
(E) Minimize network overhead by deactivating automatic antivirus client updates
 

04. Which of the following commands will configure a default route to any destination network not found in the routing table?
(A) Router(config)# ip default-route 0.0.0.0 255.255.255.255 s0
(B) Router(config)# ip route 0.0.0.0 255.255.255.255 s0
(C) Router(config)# ip default-route 0.0.0.0 s0
(D) Router(config)# ip route 0.0.0.0 0.0.0.0 s0
(E) Router(config)# ip route any any e0
 

05. For security reasons, information about RTA, including platform and IP addresses, should not be accessible from the Internet. This information should, however, be accessible to devices on the internal networks of RT A. Which command or series of commands will accomplish these objectives?
(A) RTA(config)#no cdp run
(B) RTA(config)#no cdp enable
(C) RTA(config)#interface s0/0
RTA(config-if)#no cdp run
(D) RTA(config)#interface s0/0
RTA(config-if)#no cdp enable
 

06. What is the purpose of flow control?
(A) to ensure data is retransmitted if an acknowledgment is not received
(B) to reassemble segments in the correct order at the destination device
(C) to provide a means for the receiver to govern the amount of data sent by the sender
(D) to regulate the size of each segment
 

07. Host A has established a communication session with host B for the first time. What enabled R1 to forward this traffic in the appropriate direction to reach the nework to which host B is attached?
(A) DNS
(B) DHCP
(C) TCP/IP
(D) a Layer 4 protocol
(E) a routing protocol
(F) a default gateway
 

08. What does the “Inside Global” address represent in the configuration of NAT?
(A) the summarized address for all of the internal subnetted addresses
(B) the MAC address of the router used by inside hosts to connect to the Internet
(C) a globally unique, private IP address assigned to a host on the inside network
(D) a registered address that represents an inside host to an outside network
 

09. How many simultaneous Telnet sessions does a Cisco router support by default?
(A) 1
(B) 2
(C) 3
(D) 4
(E) 5
(F) 6
 

10. which prompt is the global configuration mode on a Cisco router identified?
(A) Router>
(B) Router#
(C) Router(config)#
(D) Router(config-if)#
(E) Router(config-line)#c
(F) Router(config-router)#
 

11. Host A is communicating with the server. What will be the source MAC address of the frames received by Host A from the server?
(A) the MAC address of router interface e0
(B) the MAC address of router interface e1
(C) the MAC address of the server network interface
(D) the MAC address of host A
 

12. Which IP address is a private address?
(A) 12.0.0.1
(B) 168.172.19.39
(C) 172.20.14.36
(D) 172.33.194.30
(E) 192.169.42.34
 

13. Which encryption type does WPA2 use?
(A) AES-CCMP
(B) PPK via IV
(C) PSK
(D) TKIP/MIC
 

14. Which of the following protocols uses both TCP and UDP ports?
(A) FTP
(B) SMTP
(C) Telnet
(D) DNS
 

15. Three access points have been installed and configured to cover a small office. What term defines the wireless topology?
(A) BSS
(B) IBSS
(C) ESS
(D) SSID
 

16. Which command is used on a Cisco router to reach the global configuration mode?
(A) Router> enable
(B) Router# router
(C) Router# setup
(D) Router# interface
(E) Router# configure terminal
 

17. Which command will set the default gateway to 192.168.12.1 on a Cisco switch?
(A) Switch(config)# ip default-network 192.168.12.1
(B) Switch(config)# ip route-default 192.168.12.1
(C) Switch(config)# ip default-gateway 192.168.12.1
(D) Switch(config)# ip route 192.168.12.1 0.0.0.0
 

18. What is the effect of using the service password-encryption command?
(A) Only the enable password will be encrypted
(B) Only the enable secret password will be encrypted
(C) Only passwords configured after the command has been entered will be encrypted
(D) It will encrypt the secret password and remove the enable secret password from the configuration
(E) It will encrypt all current and future passwords
 

19. What is the purpose of a default route?
(A) It is a route to be used when the routing protocol fails
(B) It is a route configured by an ISP that sends traffic into a corporate network
(C) It is a route used when a packet is destined for a remote network that is not listed in the routing table.
(D) It is a route manually configured for a specific remote network for which a routing protocol is not configured.
(E) It is used to send traffic to a stub network.
20. Workstation A must be able to telnet to switch SW-A through router RTA for management purposes. What must be configured for this connection to be successful?
(A) VLAN 1 on RTA
(B) default gateway on SW-A
(C) IP routing on SW-A
(D) cross-over cable connecting SW-A and RTA
21. At which layer of the OSI model does the protocol that provides the information displayed by the show cdp neighbors command operate?
(A) physical
(B) data link
(C) network
(D) transport
(E) application
22. Serial0/0 does not respond to a ping request from a host on the FastEthernet0/0 LAN. How can this problem be corrected?
(A) Enable the Serial 0/0 interface
(B) Correct the IP address for Serial 0/0
(C) Correct the IP address for FastEthernet 0/0
(D) Change the encapsulation type on Serial 0/0
(E) Enable autoconfiguration on the Serial 0/0 interface

Read Full Post | Make a Comment ( 1 so far )

« Previous Entries

Liked it here?
Why not try sites on the blogroll...