What is the maximum number of hops from the device that generated the given output to its BGP neighbor at 4.4.4.4?
Refer to the exhibit.
A. 3
B. 252
C. 5
D. 255
E. 2
F. 254
Answer: A
CCIE Security Written Exam v4.0
Wednesday 21 February 2018
Tuesday 19 December 2017
Why Cisco, McAfee Say Security Vendors Must Share Threat Intel to Beat the Baddies
The Cyber Threat Alliance, a group of 14 security providers who share information about threats every day, seems more likely than a friendship between a kitten and a shark. Security professionals often have trust issues. And their companies compete with each other in a lucrative market that is expected to grow to $ 96.3 billion in 2018.
So, why do Cisco, McAfee, Fortinet and others work together?
"We all recognize to a large extent that the attackers are collaborating," said Vincent Weafer, vice president of McAfee Labs. "So the question is: why are not we doing the same?"
The group's founding security providers, Fortinet, McAfee, Palo Alto Networks and Symantec, agreed in 2014 to share intelligence.
"To be honest, at first there was not a great acceptance," said Derek Menky, Fortinet global security strategist. He took a lot of conference calls with these four founders. Show me what you have, I'll show you what I have, that's something very uncommon. "
But they realized that they were not going to beat the bad guys on their own. In addition, their customers generally use multiple security products from multiple providers.
"At the end of the day, all these customers are essentially mutual customers, and it's our job to protect them," said Matt Watchinski, principal director who oversees Cisco Talos. "The better we can share data, the better we can protect our mutual customers."
Member companies often see threats at different points in the network, Weafer added. "What I see as an endpoint system is very different from a gateway, there is still a lot of room for us to be unique in this market as a company, but what we see and how we see it and how we risk voting is something in which we are all better if we share it. "
Without Freeloaders
Sharing information is a key component of the CTA. Difference to the group of the traditional Analysis and Information Exchange Centers (ISAC) or the Analysis and Information Exchange Organizations (ISAO), said the CTA President, Michael Daniel. Prior to joining the CTA, he served as special assistant to President Obama and cybersecurity coordinator in the National Security Council.
Traditional groups that share threats tend to have low participation rates. They also do not share information in real time or provide context. The CTA, on the other hand, requires members to submit a daily minimum. Use a scoring algorithm to reward the quantity, quality and speed of sending.
"We say that he must present an average of 10,000 intelligence points per day," said Daniel. "We consider the context and punctuality very highly, do not tell me that this is a bad binary, tell me what malware family is a part, what stage of the chain of murders do you think belongs, do you think it is a criminal state? or national?
Watchinski considers that the daily requirement of intelligence on threats is "how high should be to meet the requirement to walk." It prevents the use of chargers, he said. "It ensures that members have unique visibility or something that is useful to the rest of the members, so they do not get any special benefits without including data."
CTA team wins
In 2015, member companies published a white paper on the CryptoWall ransomware. They discovered that the $ 325 million in revenues that went to the attackers included ransoms paid by the victims to decrypt and access their files. They also discovered 406,887 attempts of CryptoWall infections and 4,046 malware samples.
"We discovered so much information about them that the day after they released the technical document, they stopped that version of CryptoWall," Menky said. "It was a good victory to form a team and make it more expensive for the attackers."
The white paper also showed member companies the value of working together. "We learned that everyone had some degree of unique knowledge," said Weafer. "Eighty percent probably overlapped, but that 20 percent was incredibly valuable to fill the pieces."
Watchinski points out the group's response to the May WannaCry ransomware attack as another success story. "We were all on the phone, basically we gathered everyone in a virtual room to analyze what we knew about the incident and what we could do to protect our customers," he said. "That has never happened before."
While initial reports stated that WannaCry was an email attack, it only took a couple of hours for CTA members to determine that this was not the case. "We had 12 of the largest cybersecurity companies in this conference, all saying no, we're not seeing email as a vector, it sure is another vector that disseminates this thing," said Daniel.
The companies also provided this information to the US government. UU So the Department of Homeland Security could better investigate the malware attack.
Cybersecurity campaigns
The group was relaunched as an independent organization with dedicated staff and a platform to share threats in February at RSA.
Currently, CTA has 14 associated companies: Check Point Software Technologies, Cisco, Fortinet, McAfee, Palo Alto Networks, Symantec, IntSights, Rapid7, RSA, Reversing Labs, Saint Security, SK Infosec, Sophos and ElevenPaths of Telefónica. The group is actively recruiting new members and will probably form alliances with other organizations in 2018, partners say.
The CTA also seeks to better protect customers by focusing on the tactics used by hackers, rather than just the hackers themselves. "There is a finite number of such tactics, so we are defining what those tactics are, how they work, how we track them, and how we provide protections for each of the products that member companies create," Watchinski said. "If we can get the attackers to incur development costs in their tools, that will slow down their ability to attack our customers."
The objective is to reduce the time between detection of threats and the mitigation of threats of days or weeks to hours only.
"This model really requires a lot of investment from companies," said Daniel. "Do not passively join CTA, but you have a great chance of moving the needle in the cybersecurity industry."
Monday 6 November 2017
Cisco 350-018 Question Answer
What technology can you implement on your network to allow Independent applications to work with IPv6-capable applications?
A. DS-Lite
B. NAT-PT
C. ISATAP
D. NAT 6to4
E. NAT64
Answer: E
Which three of these statements about a zone-based policy firewall are correct? (Choose three.)
A. An interface can be assigned to only one security zone.
B. By default, all traffic to and from an interface that belongs to a security zone is dropped unless explicitly allowed in the zone-pair policy.
C. Firewall policies, such as the pass, inspect, and drop actions, can only be applied between two zones.
D. In order to pass traffic between two interfaces that belong to the same security zone, you must configure a pass action using class-default.
E. Traffic cannot flow between a zone member interface and any interface that is not a zone member.
Answer: ACE
A. DS-Lite
B. NAT-PT
C. ISATAP
D. NAT 6to4
E. NAT64
Answer: E
Which three of these statements about a zone-based policy firewall are correct? (Choose three.)
A. An interface can be assigned to only one security zone.
B. By default, all traffic to and from an interface that belongs to a security zone is dropped unless explicitly allowed in the zone-pair policy.
C. Firewall policies, such as the pass, inspect, and drop actions, can only be applied between two zones.
D. In order to pass traffic between two interfaces that belong to the same security zone, you must configure a pass action using class-default.
E. Traffic cannot flow between a zone member interface and any interface that is not a zone member.
Answer: ACE
Monday 11 September 2017
Cisco 350-018 Question Answer
Which four of these attacks or wireless tools can the standard IDS signatures on a wireless LAN controller detect? (Choose four.)
A. long HTTP request
B. SYN flood
C. Deauthorization flood
D. NetStumbler
E. Wellenreiter
F. Association flood
G. AirSnort
H. Fragment Overlap attack
Answer: CDEG
What Cisco IOS feature prevents an attacker from filling up the MTU cache for locally generated traffic when using path MTU discovery?
A. Use NetFlow information to export data to a workstation.
B. Force all traffic to send 1280-byte Packets by hard coding the MSS.
C. Enable flow-label marking to track packet destination.
D. Enable flow-label switching to track IPv6 packets in the MPLS cloud.
E. Always use packets of 1500-byte size or larger.
Answer: C
A. long HTTP request
B. SYN flood
C. Deauthorization flood
D. NetStumbler
E. Wellenreiter
F. Association flood
G. AirSnort
H. Fragment Overlap attack
Answer: CDEG
What Cisco IOS feature prevents an attacker from filling up the MTU cache for locally generated traffic when using path MTU discovery?
A. Use NetFlow information to export data to a workstation.
B. Force all traffic to send 1280-byte Packets by hard coding the MSS.
C. Enable flow-label marking to track packet destination.
D. Enable flow-label switching to track IPv6 packets in the MPLS cloud.
E. Always use packets of 1500-byte size or larger.
Answer: C
Tuesday 18 April 2017
Cisco 350-018 Question Answer
Which of the following statements are true regarding hashing? (choose two)
A. Changing 1 bit of the input SHA-1 changes 1 bit of the output.
B. SHA-1 is stronger than MD5 because it can be used with a key to prevent modification.
C. MD5 produces a 160-bit result.
D. MD5 takes more CPU cycles to compute than SHA-1.
E. SHA-256 is an extension to SHA-1 with a longer output.
Answer: BE
Which statement about the effect of this command is true?
Refer to the exhibit.
A. It lists the current protocol-to-port mappings of NBAR.
B. It lists traffic that is packet switched and bypassed by NBAR.
C. It lists the number of packets processed for unknown and unclassified flows.
D. It lists the attributes configured for unknown and unclassified flows.
E. It displays the link age for unknown and unclassified flows.
Answer: D
A. Changing 1 bit of the input SHA-1 changes 1 bit of the output.
B. SHA-1 is stronger than MD5 because it can be used with a key to prevent modification.
C. MD5 produces a 160-bit result.
D. MD5 takes more CPU cycles to compute than SHA-1.
E. SHA-256 is an extension to SHA-1 with a longer output.
Answer: BE
Which statement about the effect of this command is true?
Refer to the exhibit.
A. It lists the current protocol-to-port mappings of NBAR.
B. It lists traffic that is packet switched and bypassed by NBAR.
C. It lists the number of packets processed for unknown and unclassified flows.
D. It lists the attributes configured for unknown and unclassified flows.
E. It displays the link age for unknown and unclassified flows.
Answer: D
Friday 26 August 2016
Pass4sure 350-018 Question Answer
Which protocol does 802.1X use between the supplicant and the authenticator to authenticate users who wish to access the network?
A. SNMP
B. TACACS+
C. RADIUS
D. EAP over LAN
E. PPPoE
Answer: D
A. SNMP
B. TACACS+
C. RADIUS
D. EAP over LAN
E. PPPoE
Answer: D
Monday 11 July 2016
How Cisco’s Launchpad is looking to give start-ups, developers a leg-up
Cisco’s LaunchPad programme aims to bring startups and developers on a common platform to build digital solutions
There are three billion internet users and 22 billion connected devices today. In the next five years, 3 billion more users will be added and the number of connected devices is expected to reach 50 billion. No single company will be able to create solutions for all. That is why big corporations are experimenting with a consortium approach in which different firms come together to identify problems, pool their resources to create solutions and market them.
Recently, the US-based technology firm Cisco took a step in this direction by launching its LaunchPad programme in India, which aims to bring startups, developers and Cisco’s experts on a common platform to build solutions that can help governments and enterprises digitise them.
The programme has been designed in such a way that startups, developers, Cisco’s experts and authorised channel partners will come together to identify a problem, create a solution and use Cisco’s go-to-market (GTM) platform to reach new market and build digital businesses.
Basically, India has a very large developer base. According to Cisco’s internal study, the country will have world’s largest number of developers by 2018. Since Cisco is already working with 10-12 big partners like Wipro, TCS, Cognizant, Tech Mahindra, MindTree, iGate, who have vertical expertise, with LaunchPad programme; it wants to engage the developer community with domain experts to create solutions aimed at solving digitisation problems.
“Digitisation will transform the way the next 3 billion people will work, live, play, and learn. We have an unprecedented opportunity to digitise the next three billion people in one-third the time it took to connect the first three billion. Through Cisco LaunchPad we want to unleash the next generation of disruptive ideas and help turn the entrepreneurs of today into the business leaders of tomorrow,” said Amit Phadnis, president, engineering and India site leader, Cisco.
To ensure smooth flow and faster progress, Cisco is providing space at its Bengaluru campus with access to a suite of Cisco’s technologies and free grants to startups chosen to work at its campus. In addition, a dedicated team from Cisco will be available to mentor startups and developers. The company informs that entry to this programme will involve a rigorous selection process based on the viability of applicant’s business plans, the strength of their teams and their alignment with Cisco’s digitisation vision.
Also, in order to bridge the gap between the high pace working style of a startup and bureaucratic way of functioning of large corporation, Cisco says that it will keep the team very nimble. “There will be a serious technical person like a principal engineer or distinguished engineer and director of engineering who will be directly attached with the programme. They will be our conduit to rest of Cisco, they can make the decision quickly, they can pull other resources from Cisco if needed,” said Phadnis, adding that the purpose of the programme is to help the startups, not to become the bottleneck.
Is Cisco’s LaunchPad different from startup programmes of other tech giants such as SAP, Microsoft, National Instruments, Avaya? Perhaps not, but Phadnis argued that an opportunity to work on solving business relevant problems by catering to use cases that are already identified and validated by Cisco go-to-market teams is something unique. He said, “I will not categorise it as a startups programme neither it is just an accelerator. It is a much large construct. The basic difference is that we are getting the entire go-to-market muscle of Cisco behind this programme. Lot of background activity is happening within Cisco to identify what are those opportunities from digitisation perspective that we need to solve.”
Cisco already runs Cisco Digitisation Acceleration and Cisco Investment programmes in India. It has committed $280m to boost the Indian startup ecosystem. In fact, during the launch of this programme, the company announced that it had collaborated with Tech Mahindra to develop digital solutions for electric utilities. They will work with select startups and developers to create solutions that can digitise different elements of power sector like digital meter.
There are three billion internet users and 22 billion connected devices today. In the next five years, 3 billion more users will be added and the number of connected devices is expected to reach 50 billion. No single company will be able to create solutions for all. That is why big corporations are experimenting with a consortium approach in which different firms come together to identify problems, pool their resources to create solutions and market them.
Recently, the US-based technology firm Cisco took a step in this direction by launching its LaunchPad programme in India, which aims to bring startups, developers and Cisco’s experts on a common platform to build solutions that can help governments and enterprises digitise them.
The programme has been designed in such a way that startups, developers, Cisco’s experts and authorised channel partners will come together to identify a problem, create a solution and use Cisco’s go-to-market (GTM) platform to reach new market and build digital businesses.
Basically, India has a very large developer base. According to Cisco’s internal study, the country will have world’s largest number of developers by 2018. Since Cisco is already working with 10-12 big partners like Wipro, TCS, Cognizant, Tech Mahindra, MindTree, iGate, who have vertical expertise, with LaunchPad programme; it wants to engage the developer community with domain experts to create solutions aimed at solving digitisation problems.
“Digitisation will transform the way the next 3 billion people will work, live, play, and learn. We have an unprecedented opportunity to digitise the next three billion people in one-third the time it took to connect the first three billion. Through Cisco LaunchPad we want to unleash the next generation of disruptive ideas and help turn the entrepreneurs of today into the business leaders of tomorrow,” said Amit Phadnis, president, engineering and India site leader, Cisco.
To ensure smooth flow and faster progress, Cisco is providing space at its Bengaluru campus with access to a suite of Cisco’s technologies and free grants to startups chosen to work at its campus. In addition, a dedicated team from Cisco will be available to mentor startups and developers. The company informs that entry to this programme will involve a rigorous selection process based on the viability of applicant’s business plans, the strength of their teams and their alignment with Cisco’s digitisation vision.
Also, in order to bridge the gap between the high pace working style of a startup and bureaucratic way of functioning of large corporation, Cisco says that it will keep the team very nimble. “There will be a serious technical person like a principal engineer or distinguished engineer and director of engineering who will be directly attached with the programme. They will be our conduit to rest of Cisco, they can make the decision quickly, they can pull other resources from Cisco if needed,” said Phadnis, adding that the purpose of the programme is to help the startups, not to become the bottleneck.
Is Cisco’s LaunchPad different from startup programmes of other tech giants such as SAP, Microsoft, National Instruments, Avaya? Perhaps not, but Phadnis argued that an opportunity to work on solving business relevant problems by catering to use cases that are already identified and validated by Cisco go-to-market teams is something unique. He said, “I will not categorise it as a startups programme neither it is just an accelerator. It is a much large construct. The basic difference is that we are getting the entire go-to-market muscle of Cisco behind this programme. Lot of background activity is happening within Cisco to identify what are those opportunities from digitisation perspective that we need to solve.”
Cisco already runs Cisco Digitisation Acceleration and Cisco Investment programmes in India. It has committed $280m to boost the Indian startup ecosystem. In fact, during the launch of this programme, the company announced that it had collaborated with Tech Mahindra to develop digital solutions for electric utilities. They will work with select startups and developers to create solutions that can digitise different elements of power sector like digital meter.
Subscribe to:
Posts (Atom)