This document provides an overview and instructions for the NETW450 Advanced Network Security with Lab Entire Class course. It includes discussion questions and lab assignments for each of the 7 weeks in the course. The labs focus on topics like security policies, router security, switch security, wireless security, firewalls, intrusion detection/prevention, and virtual private networks. For each lab, students are expected to complete tasks in a provided lab report document and submit it to the instructor. The document also includes a tutorial on access control lists that defines ACL concepts and provides examples for creating standard and extended ACLs to filter network traffic based on IP addresses, protocols, and port numbers.
These slides show:
1. How to obtain code coverage information for Java code
2. What kind of code coverage it is possible to get
3. Is 100% block coverage feasible, is it useful
4. How the code coverage could be used for more than discovering a percentage of uncovered code
Dev seccon london 2016 intelliment security (DevSecCon)
This document discusses writing firewall policies in application manifests from a DevSecOps perspective. It describes how defining network and security requirements as code can help automate infrastructure delivery and reduce bottlenecks. The presenter advocates applying a "shift left" paradigm to define requirements early. A demo is outlined showing how Puppet can be used to define an application's network visibility needs, which are then automatically validated and deployed to firewalls by Intelliment for consistent security compliance across teams.
Network Security Open Source Software Developer Certification (Vskills)
Vskills certification for Network Security Open Source Software Developer assesses the candidate as per the company’s need for network security software development. The certification tests the candidates on various areas in writing Plug-ins for nessus, ettercap network sniffer, Nikto vulnerability scanner, extending hydra and nmap, writing modules for the Metasploit framework, extending Webroot, writing network sniffers and packet-injection tools.
Security process should be integrated with SDLC well to be successful. While many companies have already moved from Waterfall to Agile methodologies, security remains behind more often than not. We have demonstrated in our presentation how security can move to agile by utilizing open source tools, customizing them to meet our needs and to implement continuous security testing using dynamic scanners as well as manual testing.
It’s very important also to assure that false positives are not fed to the developers' bug tracking systems and to assign a severity for each finding correctly. To make it happen we import all our findings to a security dashboard and review them before exporting to a bug tracking system.
The ECSA is a highly interactive, comprehensive, standards-based and methodology intensive training program which teaches information security professionals to conduct real life penetration tests. It provides learners with a real world hands-on penetration testing experience. It is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments. And they learn to document and write a penetration testing report.
The ECSA program takes the tools and techniques learned in the Certified Ethical Hacker course (CEH) and elevates learners' ability into full exploitation by teaching how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology.
ITpreneurs has formed a partnership with EC-Council to provide a diverse portfolio of IT Security training and certifications in the Middle East (Kingdom of Saudi Arabia, United Arab Emirates, Kuwait, Oman, Bahrain, Qatar, Lebanon, Jordan) and Turkey. EC Council (International Council of E-Commerce Consultants) is one of the world’s largest certification bodies for information security professionals and e-business. ITpreneurs partners can provide unique offerings to help their clients in these countries to manage the emerging challenges posed by cyber security related threats.
Contact us today on info@itpreneurs.com and find out how you can bring EC-Council training to your clients.
This session will give you a thorough overview of the DevNet Sandbox, what it provides, and how it can help you with your development needs. We'll cover the most common use-cases of Sandbox users, how it empowers developers to get a jump-start with Cisco technologies, and how the IVT Labs may be an excellent option for obtaining your product's "Cisco Compatible" logo. In this session we'll dive into Lab specifics including: how to find the right Lab for your needs, how to make a Lab reservation, how to connect to your Lab, and how to interact with all of the awesome Cisco technology in your reserved Lab. We'll also cover common questions like "Where can I get technology information?", and "Where can I get help if I have questions or problems?". Come join us for a few minutes and we'll put you well on your way to becoming a Sandbox expert.
Testing in a Continuous Delivery Pipeline - Better, Faster, Cheaper (Gene Gotimer)
The continuous delivery pipeline is the process of taking new or changed features from developers, and getting features deployed into production and delivered quickly to the customer. Gene Gotimer says testing within continuous delivery pipelines should be designed so the earliest tests are the quickest and easiest to run, giving developers the fastest feedback. Successive rounds of testing lead to increased confidence that the code is a viable candidate for production and that more expensive tests—time, effort, cost—are justified. Manual testing is performed toward the end of the pipeline, leaving computers to do as much work as possible before people get involved. Although it is tempting to arrange the delivery pipeline in phases (e.g., functional tests, then acceptance tests, then load and performance tests, then security tests), this can lead to serious problems progressing far down the pipeline before they are caught. Gene shows how to arrange your tests so each round provides just enough testing to give you confidence that the next set of tests is worth the investment. He explores how to get the right types of testing into your pipeline at the right points.
Newspeak: Evolving Smalltalk for the Age of the Net (ESUG)
This document discusses Newspeak, an evolution of Smalltalk designed for the modern web. Newspeak aims to improve on Smalltalk's modularity, security, and interoperability using message-based programming and an object capability model without static state. It also aims to support cloud computing by enabling network-serviced applications that can run locally but sync seamlessly with server-hosted software and data.
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic Webinar (Sumo Logic)
In this webinar, Sumo Logic VP of Security and Compliance George Gerchow dives into how to make the shift to DevSecOps, discussing how to:
- Incorporate fundamental and high impact security best practices into your current DevOps operations
- Gain visibility into your compliance posture
- Identify potential risks and threats in your environments
Static Analysis For Security and DevOps Happiness w/ Justin Collins (Sonatype)
Justin Collins, Brakeman Security
It is not enough to have fast, automated code deployment. We also need some level of assurance the code being deployed is stable and secure. Static analysis tools that operate on source code can be an efficient and reliable method for ensuring properties about the code - such as meeting basic security requirements. Automated static analysis security tools help prevent vulnerabilities from ever reaching production, while avoiding slow, fallible manual code reviews.
This talk will cover the benefits of static analysis and strategies for integrating tools with the development workflow.
Better Security Testing: Using the Cloud and Continuous Delivery (Gene Gotimer)
Even though many organizations claim that security is a priority, that claim doesn’t always translate into supporting security initiatives in software development or test. Security code reviews often are overlooked or avoided, and when development schedules fall behind, security testing may be dropped to help the team “catch up.” Everyone wants more secure development; they just don’t want to spend time or money to get it. Gene Gotimer describes his experiences with implementing a continuous delivery process in the cloud and how he integrated security testing into that process. Gene discusses how to take advantage of the automated provisioning and automated deploys already being implemented to give more opportunities along the way for security testing without schedule disruption. Learn how you can incrementally mature a practice to build security into the process—without a large-scale, time-consuming, or costly effort.
The document discusses code smells, which are symptoms in source code that indicate potential problems. It defines common code smells like poor naming, overly complicated code, duplicate logic, and disorganization. The document explains that code smells occur due to time constraints and lack of requirements or ownership. While code smells are not bugs, they can negatively impact readability, maintainability, and lead to bugs over time. The author recommends being vigilant for code smells and taking initiative to refactor smelly code. Tools like the LabVIEW VI Analyzer and TestStand Sequence Analyzer can help identify code smells.
The document discusses security in software development. It outlines the typical software development life cycle of requirements, design, code, test, and deployment phases. For each phase, it notes that security is usually an afterthought rather than being integrated into the process from the beginning. It encourages improving security perceptions, work, and practices at each stage of development. The presenter is Renato Rodrigues, who wants to continue the security conversation on social media.
National software testing conference 2016 fergal hynes (Fergal Hynes)
Solid test automation framework architecture is a key aspect in delivering successful test execution. Organisations must invest time in developing appropriate automation frameworks if they expect robust test execution. Once the framework architecture is right, there are a number of reasons why deploying the framework on the cloud may be appropriate. This presentation will outline real world experiences of deploying and using enterprise level functional and non-functional test execution frameworks on the cloud and covers the main business, technical and cultural advantages and disadvantages.
Software composition analysis (SCA) is often sold as an easy win for application security, but ensuring that we have full visibility on the vulnerable components is a lot more challenging than it looks. The remediation costs can also stack up pretty quickly as we try to get rid of deeply nested vulnerable transitive dependencies.
CSUN 2018 Analyzing and Extending WCAG Beyond 3 Digits (Bill Tyler)
Slide deck from Bill Tyler's presentation of the Benefits of Analyzing & Extending WCAG 2.0 Beyond Three Digits from CSUN 2018 Conference (Friday, March 23, 2017)
Test Driven Development (TDD) is a software development process that involves writing tests before code. The TDD cycle involves three steps: 1) writing a failing test for the next piece of functionality, 2) writing just enough code to pass that test, and 3) refactoring the new and old code. TDD provides benefits like validated systems, code coverage, enabling refactoring, and documenting behavior. It promotes writing isolated, modular unit tests and designing code in a test-driven manner. While TDD has benefits, potential pitfalls include focusing on coverage over quality, neglecting refactoring steps, and writing overly broad tests.
This document discusses securing Apache web servers with Mod Security and the Center for Internet Security (CIS) benchmark. It provides an overview of Mod Security features for web application firewall protection and filtering. It also covers recommendations for securing the Apache configuration such as disabling unnecessary modules, access controls, limiting HTTP methods, and logging/monitoring.
Naveed Ahmad, Microsoft
Anomaly detection is the de facto standard in cyber defense. However, anomaly detection results in a large number of false alerts with highly unusual but benign legit activity. Security detections based on supervised machine learning can reduce the noise, but it requires a large number of labelled attack examples for training the model, which are not always available.
Successful cyber-attacks against a well-guarded online service like Office 365 are scarce. There are hundreds of thousands of machines with daily benign activities against a meager few hundred attack examples collected over the years from pen-test engagements. Training a well performing binary classifier using Supervised Machine Learning with such a skewed dataset with so few attack examples is extremely hard.
The presentation goes over various techniques to craft synthetic attack examples from known past attacks. These techniques are used in training Machine Learning models guarding Office 365 online services against cyber-attacks, predicting malicious activity with alert-able accuracy. The presentation describes these techniques with use-cases from Office 365 services with resulting model performance improvement metrics.
Techniques discussed in the presentation are:
Cartesian Bootstrapping - This technique samples benign activities from thousands of machines and combines them with known malicious examples using cartesian product, resulting in a large number of synthetic attack examples with varying degrees of embedded benign noise. This helps produce models which can classify malicious & benign examples with greater accuracy and fewer false alerts.
Normalized Sampler Bootstrapping - This technique is very useful for micro-services with very few machines. This technique is instead used to generate synthetic benign examples to match the relatively larger number of malicious examples borrowed from other services. The synthetic examples are generated by sampling benign noise from the examples after removing outliers. This technique allows measuring effectiveness of the model for micro-services, where the model was trained on another larger service.
Thilaga Ramalingam is seeking a challenging career to enhance her knowledge and skills. She has 3 years and 7 months of experience working for Cisco systems in India, where she was involved in testing, automation, and migration of networking protocols. She is CCNA certified and has strong skills in programming languages like C, Tcl/Tk, and shell scripting.
When we are working on tests exercising large parts of our software system (e.g. in an acceptance test suite), we often have to set up a considerable amount of data to set the stage for the scenario under test. This might include several calls to cumbersome APIs. At first, such code can be hard to get right. When it is working properly, many times the intention of the setup is greatly hidden in a convoluted mess of code. Therefore, such code can pose a major hurdle for the evolution of the project. Although intensive refactoring can provide benefits, there are things demanding even better readability. At this point, techniques, patterns and tools like Specflow can provide advantages.
In this talk we discuss typical problems faced with the setup of test data and means to address those. We illustrate three cases where non-trivial setup was needed. After understanding the challenges faced we will present and discuss the final solutions. All topics are supported by code examples from a 10+ year project that has faced all of those issues.
The document discusses tracking vulnerable JAR (Java archive) files. It notes that many Java applications rely on large numbers of library dependencies, and over 26% of downloads from a popular repository contain known flaws. The author describes a solution used at Red Hat that involves generating a manifest of all JARs used in products, matching this against a database of known vulnerabilities, and enforcing checks for vulnerable files during the build process. This solution uses three components: a tool to generate JAR manifests, a shared vulnerabilities database, and a plugin to check for vulnerabilities during the maven build process.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them.
Chapter 9 lab a security policy development and implementation (instructor ve... (wosborne03)
The document provides instructions for a lab activity to create and implement a security policy. The lab is divided into five parts:
1. Create a basic security policy using Cisco's Security Policy Builder tool and customize it for the example company.
2. Configure basic settings on routers and switches like hostnames, passwords, and routing.
3. Secure the routers by configuring authentication, access controls, firewalls, logging, and time synchronization.
4. Secure the switches by configuring similar security features.
5. Configure a router for remote access VPN.
The overall goal is to take a generic security policy created in Part 1 and implement the network device configuration guidelines from it on the physical
Peer-to-Peer and Client-Server Environments (graded)
What kind of network does your current or former workplace have: peer to peer or client-server? What problems does it have? What are some ideas to improve it? If you don’t know which, explain what you think would have worked best and describe the circumstances.
Creating Realistic Unit Tests with Testcontainers (Paul Balogh)
** Recording available at https://www.youtube.com/watch?v=sX4s1HqPZcw **
Sometimes, unit tests with mocked services just aren't enough. We'd like to be able to run repeatable tests against the real thing without fear of corrupting data or affecting others.
With Testcontainers, there is no need for mocks or complicated environment configurations. We can define our target environment in code and then run our tests against ephemeral containers. Java developers have had this ability for several years, but now Go developers have this similar ability!
Enjoy the discussion and demonstration of this open-source project created by the folks at AtomicJar, recently acquired by Docker.
This document provides a two-page report on considering Frame Relay as a connectivity option between the Pittsburgh and Cleveland offices. It compares Frame Relay to other WAN technologies like ATM and dedicated leased lines. Frame Relay is presented as a cost-effective option that provides connectivity through virtual circuits while only paying for the bandwidth used. Other options are discussed but Frame Relay is ultimately recommended as the best fit for the needs of this project.
600-199 Exam Questions - Securing Cisco Networks with Threat Detection and An... (Susan Hannan)
This document provides information about Cisco's Securing Cisco Networks with Threat Detection and Analysis (SCYBER) 600-199 exam training course. The 5-day course uses lectures and hands-on labs to teach students how to monitor, analyze, and respond to security threats and prepares them for the Cyber Security Specialist Certification exam. The course covers topics such as packet analysis, log analysis, detecting and responding to security incidents. It utilizes software and a simulated lab topology to expose students to real-world cyber security threats.
Making the Shift from DevOps to Practical DevSecOps | Sumo Logic WebinarSumo Logic
In this webinar, Sumo Logic VP of Security and Compliance George Gerchow dives into how to make the shift to DevSecOps, discussing how to:
- Incorporate fundamental and high impact security best practices into your current DevOps operations
- Gain visibility into your compliance posture
- Identify potential risks and threats in your environments
Static Analysis For Security and DevOps Happiness w/ Justin CollinsSonatype
Justin Collins, Brakeman Security
It is not enough to have fast, automated code deployment. We also need some level of assurance the code being deployed is stable and secure. Static analysis tools that operate on source code can be an efficient and reliable method for ensuring properties about the code - such as meeting basic security requirements. Automated static analysis security tools help prevent vulnerabilities from ever reaching production, while avoiding slow, fallible manual code reviews.
This talk will cover the benefits of static analysis and strategies for integrating tools with the development workflow.
Better Security Testing: Using the Cloud and Continuous DeliveryGene Gotimer
Even though many organizations claim that security is a priority, that claim doesn’t always translate into supporting security initiatives in software development or test. Security code reviews often are overlooked or avoided, and when development schedules fall behind, security testing may be dropped to help the team “catch up.” Everyone wants more secure development; they just don’t want to spend time or money to get it. Gene Gotimer describes his experiences with implementing a continuous delivery process in the cloud and how he integrated security testing into that process. Gene discusses how to take advantage of the automated provisioning and automated deploys already being implemented to give more opportunities along the way for security testing without schedule disruption. Learn how you can incrementally mature a practice to build security into the process—without a large-scale, time-consuming, or costly effort.
The document discusses code smells, which are symptoms in source code that indicate potential problems. It defines common code smells like poor naming, overly complicated code, duplicate logic, and disorganization. The document explains that code smells occur due to time constraints and lack of requirements or ownership. While code smells are not bugs, they can negatively impact readability, maintainability, and lead to bugs over time. The author recommends being vigilant for code smells and taking initiative to refactor smelly code. Tools like the LabVIEW VI Analyzer and TestStand Sequence Analyzer can help identify code smells.
The document discusses security in software development. It outlines the typical software development life cycle of requirements, design, code, test, and deployment phases. For each phase, it notes that security is usually an afterthought rather than being integrated into the process from the beginning. It encourages improving security perceptions, work, and practices at each stage of development. The presenter is Renato Rodrigues, who wants to continue the security conversation on social media.
National software testing conference 2016 fergal hynesFergal Hynes
Solid test automation framework architecture is a key aspect in delivering successful test execution. Organisations must invest time in developing appropriate automation frameworks if they expect robust test execution. Once the framework architecture is right, there are a number of reasons why deploying the framework on the cloud may be appropriate. This presentation
will outline real world experiences of deploying and using enterprise level functional and non-functional test execution frameworks on the cloud and covers the main business, technical and cultural advantages and disadvantages.
Software composition analysis (SCA) is often sold as an easy win for application security, but ensuring that we have full visibility on the vulnerable components is a lot more challenging that it looks. The remediation costs can also stack up pretty quickly as we try to get rid of deeply nested vulnerable transitive dependencies.
CSUN 2018 Analyzing and Extending WCAG Beyond 3 DigitsBill Tyler
Slide deck from Bill Tyler's presentation of the Benefits of Analyzing & Extending WCAG 2.0 Beyond Three Digits from CSUN 2018 Conference (Friday, March 23, 2017)
Test Driven Development (TDD) is a software development process that involves writing tests before code. The TDD cycle involves three steps: 1) writing a failing test for the next piece of functionality, 2) writing just enough code to pass that test, and 3) refactoring the new and old code. TDD provides benefits like validated systems, code coverage, enabling refactoring, and documenting behavior. It promotes writing isolated, modular unit tests and designing code in a test-driven manner. While TDD has benefits, potential pitfalls include focusing on coverage over quality, neglecting refactoring steps, and writing overly broad tests.
This document discusses securing Apache web servers with Mod Security and the Center for Internet Security (CIS) benchmark. It provides an overview of Mod Security features for web application firewall protection and filtering. It also covers recommendations for securing the Apache configuration such as disabling unnecessary modules, access controls, limiting HTTP methods, and logging/monitoring.
Naveed Ahmad, Microsoft
Anomaly detection is the de facto standard in cyber defense. However, anomaly detection results in large number of false alerts with highly unusual but benign legit activity. Security detections based on supervised machine learning can reduce the noise, but it requires large number of labelled attack examples for training the model, which are not always available.
Successful cyber-attacks against a well-guarded online service like Office 365 are scarce. There are hundreds of thousands of machines with daily benign activities against a meager few hundred attack examples collected over the years from pen-test engagements. Training a well performing binary classifier using Supervised Machine Learning with such a skewed dataset with so few attack examples is extremely hard.
The presentation goes over various techniques to craft synthetic attack examples from known past attacks. These techniques are used in training Machine Learning models guarding Office 365 online services against cyber-attacks, predicting malicious activity with alert-able accuracy. The presentation describes these techniques with use-cases from Office 365 services with resulting model performance improvement metrics.
Techniques discussed in the presentation are:
Cartesian Bootstrapping - This technique samples benign activities from thousands of machines and combines them with known malicious examples using a cartesian product, resulting in a large number of synthetic attack examples with varying degrees of embedded benign noise. This helps produce models which can classify malicious and benign examples with greater accuracy and fewer false alerts.
Normalized Sampler Bootstrapping - This technique is very useful for micro-services with very few machines. It is used instead to generate synthetic benign examples to match the relatively larger number of malicious examples borrowed from other services. The synthetic examples are generated by sampling benign noise from the examples after removing outliers. This technique allows measuring the effectiveness of the model for micro-services, where the model was trained on another, larger service.
Thilaga Ramalingam is seeking a challenging career to enhance her knowledge and skills. She has 3 years and 7 months of experience working for Cisco systems in India, where she was involved in testing, automation, and migration of networking protocols. She is CCNA certified and has strong skills in programming languages like C, Tcl/Tk, and shell scripting.
When we are working on tests exercising large parts of our software system (e.g. in an acceptance test suite), we often have to set up a considerable amount of data to set the stage for the scenario under test. This might include several calls to cumbersome APIs. At first, such code can be hard to get right. When it is working properly, many times the intention of the setup is greatly hidden in a convoluted mess of code. Therefore, such code can pose a major hurdle for the evolution of the project. Although intensive refactoring can provide benefits, there are things demanding even better readability. At this point, techniques, patterns and tools like Specflow can provide advantages.
In this talk we discuss typical problems faced with the setup of test data and means to address those. We illustrate three cases where non-trivial setup was needed. After understanding the challenges faced we will present and discuss the final solutions. All topics are supported by code examples from a 10+ year project that has faced all of those issues.
The document discusses tracking vulnerable JAR (Java archive) files. It notes that many Java applications rely on large numbers of library dependencies, and over 26% of downloads from a popular repository contain known flaws. The author describes a solution used at Red Hat that involves generating a manifest of all JARs used in products, matching this against a database of known vulnerabilities, and enforcing checks for vulnerable files during the build process. This solution uses three components: a tool to generate JAR manifests, a shared vulnerabilities database, and a plugin to check for vulnerabilities during the maven build process.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands-on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them.
Chapter 9 lab a security policy development and implementation (instructor ve... (wosborne03)
The document provides instructions for a lab activity to create and implement a security policy. The lab is divided into five parts:
1. Create a basic security policy using Cisco's Security Policy Builder tool and customize it for the example company.
2. Configure basic settings on routers and switches like hostnames, passwords, and routing.
3. Secure the routers by configuring authentication, access controls, firewalls, logging, and time synchronization.
4. Secure the switches by configuring similar security features.
5. Configure a router for remote access VPN.
The overall goal is to take a generic security policy created in Part 1 and implement the network device configuration guidelines from it on the physical
Peer-to-Peer and Client-Server Environments (graded)
What kind of network does your current or former workplace have: peer to peer or client-server? What problems does it have? What are some ideas to improve it? If you don’t know which, explain what you think would have worked best and describe the circumstances.
Creating Realistic Unit Tests with Testcontainers (Paul Balogh)
** Recording available at https://www.youtube.com/watch?v=sX4s1HqPZcw **
Sometimes, unit tests with mocked services just aren't enough. We'd like to be able to run repeatable tests against the real thing without fear of corrupting data or affecting others.
With Testcontainers, there is no need for mocks or complicated environment configurations. We can define our target environment in code and then run our tests against ephemeral containers. Java developers have had this ability for several years, but now Go developers have this similar ability!
Enjoy the discussion and demonstration of this open-source project created by the folks at AtomicJar, recently acquired by Docker.
This document provides a two-page report on considering Frame Relay as a connectivity option between the Pittsburgh and Cleveland offices. It compares Frame Relay to other WAN technologies like ATM and dedicated leased lines. Frame Relay is presented as a cost-effective option that provides connectivity through virtual circuits while only paying for the bandwidth used. Other options are discussed but Frame Relay is ultimately recommended as the best fit for the needs of this project.
600-199 Exam Questions - Securing Cisco Networks with Threat Detection and An... (Susan Hannan)
This document provides information about Cisco's Securing Cisco Networks with Threat Detection and Analysis (SCYBER) 600-199 exam training course. The 5-day course uses lectures and hands-on labs to teach students how to monitor, analyze, and respond to security threats and prepares them for the Cyber Security Specialist Certification exam. The course covers topics such as packet analysis, log analysis, detecting and responding to security incidents. It utilizes software and a simulated lab topology to expose students to real-world cyber security threats.
LAB #10 – ASSESSMENT WORKSHEET A
Design and Implement Security Operations Management
Best Practices
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
Review the deliverables you created for Lab #6 and Lab #8, including the following:
From Lab #6:
• Block diagram of a LAN-to-WAN DMZ in Microsoft® PowerPoint, Visio, or OpenOffice;
• Functional overview document explaining your DMZ and LAN-to-WAN security solution;
• Your answers to the Lab #6 Assessment Questions and Answers.
From Lab #8:
• Block diagram design of the Mock IT infrastructure components in Microsoft® PowerPoint or Visio;
• Functional overview document explaining each of the security controls and security countermeasures
enabled within each block/component;
• Your answers to the Lab #8 Assessment Questions and Answers.
Security Monitoring and Operations Management Rationale
Using the information just reviewed as the basis for your answer, develop a short text document (no more
than two pages) detailing your rationale for why a security monitoring and operations management strategy
is critical.
Note:
To successfully complete this deliverable, you will need access to a text editor or word processor, such as Word.
If you don’t have a word processor or graphics package, use OpenOffice on the student landing vWorkstation
for your lab deliverables and to answer the lab assessment questions. To capture screenshots, press Prt Sc >
MSPAINT, paste into a text document, and save the document in the Security_Strategies folder
(C:\Security_Strategies\) using the File Transfer function.
LAB #10 – ASSESSMENT WORKSHEET B
Design and Implement Security Operations Management
Best Practices
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
Work alone or in a small group and formulate a strategy for implementing a security operations management
best practices policy for the Cisco Mock IT infrastructure. Reference the deliverables you submitted for Lab
#6 and Lab #8 as part of your discussion. Answer the following questions and indicate, where possible, how
tools like Splunk contribute to the overall strategy you develop. Record your strategy in a text document of
no longer than five pages and provide it to your instructor as a deliverable for this lab.
Note:
To successfully complete this deliverable, you will need access to a text editor or word processor, such as Word.
If you don’t have a word processor or graphics package, use OpenOffice on the student landing vWorkstation
for your lab deliverables and to answer the lab assessment questions. To capture screenshots, press Prt Sc >
MSPAINT, paste into a text document, and save the document in the Security_Strategies folder
(C:\Security_Strategies\) using the File Transfer fun.
1 SDEV 460 – Homework 4 Input Validation and Busine (VannaJoy20)
SDEV 460 – Homework 4
Input Validation and Business Logic Security Controls
Overview:
This homework will demonstrate your knowledge of testing security controls aligned with Input
validation and business logic. You will also use the recommended OWASP testing guide reporting format
to report your test findings.
Assignment: Total 100 points
Using the readings from weeks 7 and 8 as a baseline provide the following test and analysis descriptions
or discussion:
1. Testing for Reflected Cross site scripting (OTG-INPVAL-001)
The OWASP site lists multiple approaches and examples for blackbox testing reflected XSS
vulnerabilities. In your own words, describe Reflected Cross Site scripting. Then, list and
describe 4 different examples that could be used for testing. Be sure to conduct additional
research for each example to provide your own unique test example. This most likely means you
will need to conduct some research on Javascript to make sure your syntax is correct.
2. Testing for Stored Cross site scripting (OTG-INPVAL-002)
The OWASP site lists multiple approaches and examples for blackbox testing Stored XSS
vulnerabilities. In your own words, describe Stored Cross Site scripting. Then, list and describe 2
different examples that could be used for testing. Be sure to conduct additional research for
each example to provide your own unique test example. This most likely means you will need to
conduct some research on Javascript to make sure your syntax is correct.
3. Testing for SQL Injection (OTG-INPVAL-005)
SQL Injection remains a problem in applications yet could easily be fixed. The following SQL
statement is in an HTML form as code with the $ variables directly input from the user.
SELECT * FROM Students WHERE EMPLID='$EMPLID' AND EMAIL='$email'
Would a form or application that includes this code be susceptible to SQL Injection? Why?
What specific tests would you perform to determine if the application was vulnerable?
How would you fix this problem? Be specific by providing the exact code in a language of your choice
(e.g. Java, PHP, Python …).
4. Test business logic data validation (OTG-BUSLOGIC-001)
While reviewing some Java code, an analysis provided the following code snippets that contain
logic errors. For each example, describe the issue and provide code that would fix the logical
error:
a.
int x;
x = x + 1;
System.out.println("X = " + x);
b.
for (i=1; i<=5; i++) ; {
System.out.println("Number is " + i);
}
c.
if ( z > d) ; {
System.out.println("Z is bigger");
}
d.
String m1="one";
String m2="two";
if(m1 == m2) {
System.out.println("M1 is equal to M2");
}
e. The formula for the area of a trapezoid is:
A = (b1+b2)/2 * h
The following Java code is the implementation. Fix the logical error
double area;
double base1 = 2.3;
double base2 = 4.8;
double height = 12.5;
area = base1 + base2/2.0 * ...
The document provides instructions for multiple assignments related to configuring and securing a wireless network over 5 weeks. It includes tasks like designing wireless network requirements, conducting a site survey, configuring wireless access points, implementing encryption and intrusion detection systems, analyzing threats, and reviewing packet captures to assess security risks. Students are asked to provide documentation like reports, diagrams, presentations, and technical specifications to demonstrate their work.
GDG SLK - Why should devs care about container security.pdf (James Anderson)
Title: Why should developers care about container security?
Abstract: Container scanning tools, industry publications, and application security experts are constantly telling us about best practices for how to build our images and run our containers. Often these non-functional requirements seem abstract and are not described well enough for those of us that don’t have an appsec background to fully understand why they are important. In this session, we will go over several of the most common practices, show examples of how your workloads can be exploited if they are not followed and, most importantly, how to easily find and fix your Dockerfiles and deployment manifests (i.e. Kubernetes configs) before you commit your code.
Speaker: Eric is a 30+ year enterprise software developer, architect, and consultant with a focus on CI/CD, DevOps, and container-based solutions over the last decade. He is a Docker Captain, is certified in Kubernetes (CKA, CKAD, CKS), and has been a Docker user since 2013. As a Senior Developer Advocate at Snyk, Eric helps developers implement proactive and scalable security practices with a focus on container and cloud-native technologies.
Catch the video: https://youtu.be/lBNcUBdY-VM
Implementing Secure DevOps on Public Cloud Platforms (Gaurav "GP" Pal)
Businesses are looking to accelerate the delivery of production quality software with fewer defects, and better security. Continuous Integration/Continuous Deployment (CI/CD) also known as DevOps is a rapidly maturing practice for reducing the time and effort it takes to test and deploy code into production. The rapid automation of the integration and deployment activities is common especially on cloud-based platforms. Adding security testing into the DevOps pipeline can help address the needs of regulated, compliance and public sector focused organizations. This white paper describes the use of open source technologies and commercial packages to design and deploy a Secure DevOps pipeline. Tools such as Yasca, SonarQube, and OpenSCAP amongst others when integrated with vulnerability scanners such as Tenable Nessus, HP Fortify and others provide a robust SecDevOps implementation. This white paper by stackArmor provides an overview on how an organization can implement a Secure DevOps pipeline and its key elements.
A team of 40 experts provides operational and technical support services for OpenStack clouds. They have developed several products including CHAI, a SaaS platform for day-2 OpenStack operations that provides log analysis, service assurance and compliance tracking. NetOrc is a visual orchestration tool for networking in public and private clouds. SHEPHERD is a security and compliance controller for containers. They are focused on automation, orchestration and integration to enable high productivity gains for customers.
This document provides an overview of firewall management interfaces for the Palo Alto Networks Next-Generation Firewall. It discusses the management interfaces including the management port, web interface, CLI, Panorama, and XML API. The management port is used for initial configuration and separates management and data plane traffic. Common methods of access are through the web interface over HTTPS, CLI over SSH/Telnet, or Panorama for centralized management. Proper authentication is required and initial configurations are typically done through the management port.
IPD Week - Technical Session - New IT Essentials 8 Technical Topics.pptx (ssuser455e28)
This document provides an overview of new topics and labs in the Cisco IT Essentials version 8 curriculum compared to version 7. It outlines the updated scope and sequence, modules that have been added or updated, and provides suggestions for instructors on how to incorporate real world tools like virtualization software and asset management databases into labs to enhance learning. Key changes include new modules covering applied networking, Windows installation, privacy and security topics, and the role of the IT professional. Instructors are encouraged to leverage existing course resources and share demonstrations of new labs.
Netw450 advanced network security with lab entire class
NETW450 Advanced Network Security with Lab Entire Class
https://homeworklance.com/downloads/netw450-advanced-network-security-lab-entire-class/
Devry NETW 450 Week 1 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Security Policy issues (graded)
What are the key components of a good security policy? What are some of the most common attacks and how can a
network be protected against these attacks?
DQ 2
iLab Experiences (graded)
Discuss your experiences with the Skillsoft Lab 1. What parts of the iLab did you find difficult or unclear? What did
you learn about security in completing the assigned iLab?
Devry NETW 450 Week 2 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Router Security (graded)
Discuss the methods that can be used on a standard IOS router that will prevent unauthorized access to the router.
Also, discuss how privilege levels and role-based CLI can improve the security on the router.
DQ 2
iLab Experiences (graded)
Read the Week 2 iLab instructions and discuss the expectations you have regarding this lab. Do you think it is
important to prevent access to unused ports and services on the routers within your network? How did your actual lab
experiences meet your expectations? Are there specific insights or challenges you encountered that you would like to
share with the class?
Devry NETW 450 Week 3 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Layer 2 (Switch) Security (graded)
Discuss the attacks that can occur on a layer 2 switch and how the network can be impacted by these attacks. Also,
discuss the methods that can be used to mitigate the effects of these attacks on the network.
DQ 2
iLab Experiences (graded)
Read the Week 3 iLab instructions and discuss the expectations you have regarding this lab. Do you think it is
important to prevent access to unused ports and services on the routers within your network? How did your actual lab
experiences meet your expectations? Are there specific insights or challenges you encountered that you would like to
share with the class?
What did you learn about security ACLs in completing this lab?
Devry NETW 450 Week 4 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Security ACLs and Firewall (graded)
Discuss the security ACLs we covered this week in the text reading and the lecture. Describe different scenarios
where a specific type of ACL can enhance network security. Compare CBAC firewalls versus zone-based firewalls.
What are the advantages and disadvantages of each?
DQ 2
iLab Experiences and WLAN Security (graded)
Read the Week 4 iLab instructions and discuss the expectations you have regarding this lab. Do you think the
wireless LAN is secure on your network? What wireless security measures can you take to secure the WLAN? How
did your actual lab experiences meet your expectations? Are there specific insights or challenges you encountered
that you would like to share with the class?
What did you learn about wireless access points and roaming in completing this lab?
Devry NETW 450 Week 5 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
AAA Servers (graded)
Compare the relative merits of TACACS+ and RADIUS AAA servers. What advantages and disadvantages does
each type of AAA server have?
DQ 2
iLab Experiences and Analyzing Bandwidth Needs (graded)
Read the Week 5 iLab instructions and discuss the expectations you have regarding this lab. Do you think
the overhead involved in securing communication links can affect the bandwidth requirements of a network? How did
your actual lab experiences meet your expectations? Are there specific insights or challenges you encountered that
you would like to share with the class?
What did you learn about analyzing bandwidth requirements for serial links in completing this lab?
Devry NETW 450 Week 6 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Virtual Private Networks (graded)
Discuss what you learned about the configuration and operation of virtual private networks.
DQ 2
iLab Experiences (graded)
Read the Week 6 iLab instructions and discuss the expectations you have regarding this lab. Periodic security audits
are necessary to ensure continued protection of a company network. Why is it important to use and run a scheduled
security audit on your network? How did your actual lab experiences meet your expectations? Are there specific
insights or challenges you encountered that you would like to share with the class? What did you learn about security
audits in completing this lab?
Devry NETW 450 Week 7 Discussion DQ 1 & DQ 2 Latest 2016
DQ 1
Intrusion Detection/Prevention Systems (IDS/IPS) (graded)
Intrusion detection systems can be implemented on IOS firewall routers and security appliances. They can also be
dedicated in-line hardware devices. Why is intrusion detection important in networks with connections to the
Internet, and what are the functions of IDS? What are the differences between intrusion detection systems (IDS) and
intrusion prevention systems (IPS)?
DQ 2
iLab Experiences (graded)
Read the Week 7 iLab instructions and discuss the expectations you have regarding this lab. Periodic security audits
are necessary to ensure continued protection of a company network. Why is it important to use and run a scheduled
security audit on your network? How did your actual lab experiences meet your expectations? Are there specific
insights or challenges you encountered that you would like to share with the class?
What did you learn about security audits in completing this lab?
iLabs
iLab 2 of 7: Security Demands
Note!
Submit your assignment to the Dropbox, located at the top of this page.
(See the Syllabus section “Due Dates for Assignments & Exams” for due dates.)
iLAB OVERVIEW
Scenario and Summary
In this lab, the students will examine the following objectives.
Create ACL to meet the requirements of the security demands.
Modify existing ACL to meet additional security requirements.
Deliverables
Students will complete all tasks specified in the iLab Instructions document. As the iLab tasks are completed,
students will enter CLI commands, and answer questions in the iLab Report document. This iLab Report document
will be submitted to the iLab Dropbox for Week 2.
Supporting Documentation
SEC450 ACL Tutorial
Textbook (Chapter 3)
Webliography links on Access Control List
Required Software
Access the software at Skillsoft
iLAB STEPS
STEP 1: Access Skillsoft iLab
Access Skillsoft Labs at the provided iLab link, and select Catalog. Click to Launch the course and then select Lab2.
Then, download the PDF instructions. Ensure that you open and read the iLab instructions before you begin the lab.
PLEASE NOTE: Lab instr
STEP 2: Perform iLab 2
Download and open SEC450_W2_Security_Demands_Lab2_Report.docx. Follow the instructions to perform all
procedures in this week's lab. Instructions in red indicate tasks that you need to answer and include in the lab report.
STEP 3: Complete Your Lab Report
When you are satisfied with your documentation, submit your completed report to the Dropbox.
Submit your lab to the Dropbox, located at the top of this page. For instructions on how to use the Dropbox, read
these step-by-step instructions or watch this Dropbox Tutorial.
See the Syllabus section “Due Dates for Assignments & Exams” for due date information.
Student
Security Demands Lab
NETW 450 Week 2 iLab2 Report
Copy below each of the tasks that appears in red in the PDF lab instructions from Skillsoft. Then, write the
answer following each of the tasks. Submit this document to the iLab Dropbox in Week 2.
week 3
Lab 3 of 7: Database Security Demands
iLAB OVERVIEW
NETW 450 ACL Tutorial
This document highlights the most important concepts of Access Control Lists (ACLs) that you need to learn
in order to configure ACLs in the CLI. This tutorial is not intended to cover all ACL applications, but
only those scenarios used in the SEC450 iLabs.
Introduction to Access Control List
A host-based firewall essentially works by closing and/or opening ports on a computer. The engine
behind firewalls is built with Access Control Lists (ACLs).
Network-based firewalls are implemented in device-specific appliances and routers. Basically,
firewalls in routers filter packets passing through interfaces to permit or deny them.
Ports are layer-4 addresses specified in the TCP/IP protocol suite that identify networking processes
running in clients and servers.
ACLs are configured using shell-specific commands. In Cisco IOS, the CLI commands access-list and
access-group are used to create an ACL and apply it to an interface.
An ACL can be identified by a number ID or a name. Naming an ACL is useful for identifying its purpose.
ACLs are classified as Standard ACLs and Extended ACLs.
Standard ACL number IDs are assigned from 1 to 99. Extended ACL number IDs are from 100 to
199.
A Standard ACL uses only the source IP address of an IP packet to filter through an interface. Hence, a
standard ACL denies or permits all IP packets with the same source IP address regardless of upper-layer protocols,
destination IP address, etc. Example 1:
Router(config)#access-list 8 deny host 172.12.3.5
An Extended ACL filters packets based on protocol, source IP address, source port number,
destination IP address, and destination port number. Example 2:
Router(config)#access-list 102 deny tcp host 10.0.3.2 host 172.129.4.1
denies tcp packets with source IP address 10.0.3.2 and destination IP address 172.129.4.1.
Since Standard ACLs only have the source IP address, the rule is to apply them on an interface as
close as possible to the destination IP address.
On the contrary, the rule for Extended ACLs is to apply them on an interface as close as possible to
the source IP address.
Use Extended ACLs in all iLabs, as they are more granular in packet filtering.
Create Extended ACL in global configuration
You can use the access-list command options lt, gt, eq, neq, and range (less than, greater than, equal,
not equal, range of ports) to match on port numbers.
Example 3: access-list 102 deny tcp any host 11.23.45.7 gt 20 denies all packets with any source IP address,
destination IP address 11.23.45.7, and destination tcp port greater than 20.
Example 4: access-list 107 permit udp any any permits all packets with udp protocol from any source IP
address to any destination IP address.
An Extended ACL can filter packets based on source port number and destination port number.
The Extended ACL syntax can be as follows.
access-list <#,name> <protocol> host <source_ip> <port_qualifier> <source_port_number> host <dest_ip>
<port_qualifier> <dest_port_number>
where:
<#,name> is a number from 100 to 199 or a one-word name
<protocol> is any protocol in the TCP/IP suite
<source_ip> and <dest_ip> are the source and destination IP addresses
<port_qualifier> is optional, and can be eq, gt, lt, neq, and range
<source_port_number> and <dest_port_number> follow <port_qualifier> to specify the port number(s).
<port_qualifier> and <port_number> can be replaced by the application protocol. For example, http instead of eq
80.
Creation of an ACL follows the three Ps rule: one ACL per protocol, per interface, per traffic direction.
Per protocol means one protocol such as IP, TCP, IPX, UDP, or ICMP can be specified. Per interface means
the ACL is applied to an interface to make it active. Per direction means the ACL needs to specify the
direction at the interface, packets in or out, to which filtering applies.
The steps for configuring a new ACL are: First, create the ACL in CLI global configuration using the access-list
command(s). Then, apply the ACL using the access-group command in CLI interface configuration. The ACL
is not activated until it is applied to an interface.
An ACL consists of one or more access-list commands. Routers process the ACL commands in
order, from top to bottom, like a script or computer program. That is why the order of access-list
commands makes a difference.
The effectiveness of an access-list command depends upon the previous access-list commands.
Therefore, always write the commands in this order: more-specific-traffic commands first, then
more-generic-traffic commands last. Example 5: It makes sense to write an ACL as
Router(config)#access-list 101 deny tcp host 10.0.3.2 any
Router(config)#access-list 101 permit tcp any any
But never use the order below: the second command is more specific, and therefore its “deny” is
worthless, because the first command already lets the packets pass through.
Router(config)#access-list 101 permit tcp any any
Router(config)#access-list 101 deny tcp host 10.0.3.2 any
All ACLs have a hidden access-list command at the end that denies all packets (i.e., deny ip any any).
Hence, packets that are not specifically permitted by a command will always be denied by the ACL.
Example 6: Use the command Router(config)#access-list 105 permit ip any any at the end of the ACL if it is required to
permit all other traffic after denying packets with Router(config)#access-list 105 deny icmp any host
192.168.10.244
The wildcard option is used in access-list commands to filter packets from a subnet of source and/or
destination IP addresses instead of single hosts. IP addresses in each of those subnets must be contiguous.
Filtering on port numbers is also applicable, but it has been omitted for the sake of simplicity. Here is the
syntax.
access-list <#,name> <protocol> <source_ip> <source_wildcard> <dest_ip> <dest_wildcard>
where:
<#,name> is a number from 100 to 199 or a one-word name
<protocol> is any protocol in the TCP/IP suite
<source_ip> and <dest_ip> are the source and destination IP addresses
<source_wildcard> and <dest_wildcard> specify the subnet ranges of source and destination IP addresses
A wildcard in an ACL has the same meaning as in routing protocols such as EIGRP and OSPF. Wildcard
bit 0 means the bit in the IP address must be the same as the corresponding bit in the subnet IP address.
Wildcard bit 1 means the bit in the IP address can be any value (0 or 1).
Example 7: access-list 105 deny udp 172.16.7.3 0.0.0.3 any means to deny all packets with udp protocol with
source IP addresses from 172.16.7.0 to 172.16.7.3 to any destination IP address. Note that .3 in binary is
.00000011, which as a wildcard reads .000000xx, where x means any (0 or 1).
Example 8: access-list 109 permit tcp host 192.168.6.3 eq 80 10.0.0.0 0.0.0.255 means to permit all tcp
packets from source IP address 192.168.6.3 and source tcp port 80 (e.g., an http server) to destination IP
addresses in the range 10.0.0.0 to 10.0.0.255. The fact that 10.0.0.0 would not qualify as a host IP in classful
networks is irrelevant to the ACL.
Using a wildcard with all 0s is the same as using the option host in access-list commands. Example 9:
access-list 110 permit ip host 10.23.4.3 host 10.30.2.1 and access-list 110 permit ip 10.23.4.3 0.0.0.0 10.30.2.1
0.0.0.0 are equivalent commands. Both permit packets with source IP address 10.23.4.3 and
destination IP address 10.30.2.1.
Only use a wildcard in access-list commands when the ACL requires filtering packets on a subnet of IP
addresses, at the source, the destination, or both.
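The processing rules described above (top-down first match, the hidden deny ip any any, and wildcard bits) can be checked with a small evaluator. This is an added Python example, not part of the tutorial or of Cisco IOS; it handles only a subset of the syntax (no range qualifier, no named ACLs), and the function names parse, evaluate and shadowed are illustrative.

```python
"""First-match evaluation of a subset of Cisco extended ACL syntax (illustrative)."""
import ipaddress
from typing import NamedTuple, Optional, Tuple

QUALIFIERS = {"eq", "neq", "gt", "lt"}   # "range" is left out of this sketch

class Entry(NamedTuple):
    action: str                       # "permit" or "deny"
    proto: str                        # "ip", "tcp", "udp", "icmp"
    src: Tuple[int, int]              # (address, wildcard) as 32-bit integers
    sport: Optional[Tuple[str, int]]  # (qualifier, port) or None
    dst: Tuple[int, int]
    dport: Optional[Tuple[str, int]]

def ip_int(text):
    return int(ipaddress.IPv4Address(text))

def take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' from the front of tokens."""
    word = tokens.pop(0)
    if word == "any":
        return (0, 0xFFFFFFFF)
    if word == "host":
        return (ip_int(tokens.pop(0)), 0)      # host == wildcard 0.0.0.0
    return (ip_int(word), ip_int(tokens.pop(0)))

def take_port(tokens):
    if tokens and tokens[0] in QUALIFIERS:
        return (tokens.pop(0), int(tokens.pop(0)))
    return None

def parse(line):
    """Parse 'access-list N ACTION PROTO SRC [q port] DST [q port]'."""
    tokens = line.split()
    if tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError("unsupported line: " + line)
    rest = tokens[4:]
    src, sport = take_addr(rest), take_port(rest)
    dst, dport = take_addr(rest), take_port(rest)
    return Entry(tokens[2], tokens[3], src, sport, dst, dport)

def addr_match(spec, ip):
    addr, wild = spec
    return (ip & ~wild) == (addr & ~wild)      # wildcard bit 1 = "don't care"

def port_match(spec, port):
    if spec is None:
        return True
    if port is None:
        return False
    qual, n = spec
    return {"eq": port == n, "neq": port != n, "gt": port > n, "lt": port < n}[qual]

def evaluate(acl, proto, src, dst, sport=None, dport=None):
    """Return (action, index of deciding entry); index None means the implicit deny."""
    for i, e in enumerate(acl):
        if (e.proto in ("ip", proto)
                and addr_match(e.src, ip_int(src)) and addr_match(e.dst, ip_int(dst))
                and port_match(e.sport, sport) and port_match(e.dport, dport)):
            return e.action, i
    return "deny", None

def addr_covers(a, b):
    """True if every address matched by b is also matched by a."""
    return (b[1] & ~a[1]) == 0 and ((a[0] ^ b[0]) & ~a[1]) == 0

def port_covers(a, b):
    return a is None or a == b        # conservative: no reasoning about gt/lt overlap

def shadowed(acl):
    """Indexes of entries that can never decide a packet: an earlier entry covers them."""
    hits = []
    for j, later in enumerate(acl):
        for earlier in acl[:j]:
            if (earlier.proto in ("ip", later.proto)
                    and addr_covers(earlier.src, later.src)
                    and addr_covers(earlier.dst, later.dst)
                    and port_covers(earlier.sport, later.sport)
                    and port_covers(earlier.dport, later.dport)):
                hits.append(j)
                break
    return hits

# ACL lines taken from Examples 3, 5 and 7 of the tutorial.
GOOD_ORDER = [parse(line) for line in (
    "access-list 101 deny tcp host 10.0.3.2 any",
    "access-list 101 permit tcp any any")]
BAD_ORDER = [GOOD_ORDER[1], GOOD_ORDER[0]]
EXAMPLE_7 = [parse("access-list 105 deny udp 172.16.7.3 0.0.0.3 any")]
EXAMPLE_3 = [parse("access-list 102 deny tcp any host 11.23.45.7 gt 20")]

if __name__ == "__main__":
    print(evaluate(GOOD_ORDER, "tcp", "10.0.3.2", "172.16.5.3", dport=80))
    print(evaluate(BAD_ORDER, "tcp", "10.0.3.2", "172.16.5.3", dport=80))
    print("shadowed entries in the bad order:", shadowed(BAD_ORDER))
```

A result of ("deny", None) means no entry matched and the packet fell through to the hidden deny at the end of the ACL.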
Applying an ACL to an Interface to Activate It
Example 10: Assume you need to create an ACL in a router that permits any traffic except
udp packets with source IP address 10.23.4.3 and destination IP address 10.30.2.1, as shown in the network
diagram below.
First, you need to create an extended ACL in CLI global configuration.
Router#config t
Router(config)#access-list 103 deny udp host 10.23.4.3 host 10.30.2.1
Router(config)#access-list 103 permit ip any any
Second, you need to apply ACL 103 on an interface close to the source (i.e., the extended ACL rule of
thumb). The closest interface is S0/1 in Router for traffic coming from IP 10.23.4.3. Thus, you go to interface
configuration in CLI to activate the ACL.
Router(config)#interface s0/1
Router(config-if)#ip access-group 103 in
If you need to make any correction after creating an ACL, first erase the ACL from the global and
interface configurations. To erase ACL 103 from the previous example, execute the following commands.
Router(config)#interface s0/1
Router(config-if)#no ip access-group 103 in
Router(config-if)#exit
Router(config)#no access-list 103
Now you can start over creating ACL 103. If you do not erase the ACL, new access-list commands will
be appended to the existing ACL in the configuration file, producing unexpected behavior. Use the command show run to verify
that the ACL is erased and created again correctly.
Verify ACL Configuration
Example 11: Let’s say you have been asked to create an ACL in a router R to deny TCP traffic
coming through interface Serial 0/2 from source IP address 10.16.2.1 to destination IP address 172.16.5.3 with
destination port number greater than 200. Also, the ACL should permit any other traffic.
There are two configuration tasks you need to do in CLI. First, create the ACL. Second, apply the
ACL to interface Serial 0/2.
So, in CLI,
R> enable
R# config t
R(config)# access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
R(config)# access-list 101 permit ip any any
(This command is needed to permit any other traffic after denying the selected packets with the first command.)
R(config)# interface serial0/2
R(config-if)# ip access-group 101 in
(This command applies the ACL to serial0/2 for traffic coming in.)
R(config-if)# end
R# show run
(This verifies that the ACL configuration is correct in the running-config file.)
R#show running-config
version 12.3
!
hostname R
!
interface FastEthernet0/0
ip address 192.168.200.1 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.20.1 255.255.255.0
shutdown
!
interface Serial0/0
ip address 200.100.20.2 255.255.255.0
!
interface Serial0/1
ip address 192.168.30.2 255.255.255.0
shutdown
!
interface Serial0/2
ip address 192.168.40.1 255.255.255.0
ip access-group 101 in
!
router rip
network 192.168.200.0
network 200.100.20.0
!
ip default-network 200.100.20.0
ip route 0.0.0.0 0.0.0.0 serial0/0
!
!
access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
access-list 101 permit ip any any
!
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end
If the ACL is not correct, delete it with the commands below and start over.
R# config t
R(config)# no access-list 101
R(config)# interface serial0/2
R(config-if)#no ip access-group 10
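One way to automate the show run check, as an added Python example that is not part of the lab material: it parses numbered ACLs and ip access-group bindings from running-config text and reports ACLs that are applied but undefined, defined but unapplied, or different from what was intended. The sample configuration is constructed, and the names parse_config, audit and INTENDED are illustrative.

```python
"""Audit numbered ACLs in 'show running-config' text (illustrative)."""
import re
from itertools import zip_longest

# Constructed sample, modelled on the router R output in Example 11. The first
# ACL 101 entry, the ACL 120 binding and the unbound ACL 103 are deliberate faults.
SAMPLE_RUNNING_CONFIG = """\
hostname R
!
interface FastEthernet0/0
 ip address 192.168.200.1 255.255.255.0
 ip access-group 120 out
!
interface Serial0/2
 ip address 192.168.40.1 255.255.255.0
 ip access-group 101 in
!
access-list 101 permit tcp host 10.16.2.1 host 172.16.5.3 gt 200
access-list 101 permit ip any any
access-list 103 deny udp host 10.23.4.3 host 10.30.2.1
access-list 103 permit ip any any
!
end
"""

# What Example 11 asked for, in order.
INTENDED = {"101": ["deny tcp host 10.16.2.1 host 172.16.5.3 gt 200",
                    "permit ip any any"]}


def parse_config(text):
    """Return (bindings, acls): interface bindings and ordered ACL entries."""
    bindings, acls, interface = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line == "!":
            interface = None                      # "!" closes an interface block
        elif m := re.fullmatch(r"interface (\S+)", line):
            interface = m.group(1)
        elif m := re.fullmatch(r"ip access-group (\S+) (in|out)", line):
            if interface:
                bindings.append((interface, m.group(1), m.group(2)))
        elif m := re.fullmatch(r"access-list (\d+) (.+)", line):
            acls.setdefault(m.group(1), []).append(m.group(2))
    return bindings, acls


def audit(text, intended):
    """Compare the configuration text against the intended ACL entries."""
    bindings, acls = parse_config(text)
    bound = {acl for _, acl, _ in bindings}
    drift = {}
    for acl_id, want in intended.items():
        diffs = [(pos, w, h) for pos, (w, h)
                 in enumerate(zip_longest(want, acls.get(acl_id, []))) if w != h]
        if diffs:
            drift[acl_id] = diffs
    return {
        # Applied to an interface but never defined: IOS filters nothing there.
        "undefined": sorted(b for b in bindings if b[1] not in acls),
        # Defined but not applied with ip access-group: the ACL is inactive.
        "unapplied": sorted(set(acls) - bound),
        # (position, intended entry, configured entry) for every mismatch.
        "drift": drift,
    }


if __name__ == "__main__":
    for key, value in audit(SAMPLE_RUNNING_CONFIG, INTENDED).items():
        print(key, value)
```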
week 4
AAA Server Authentication Lab
NETW 450 Week 4 iLab4 Report
Copy below each of the tasks that appears in red in the PDF lab instructions from Skillsoft. Then, write the
answer following each of the tasks. Submit this document to the iLab Dropbox in Week 4.
iLab 5 of 7: VPN – Virtual Private Networks
Student Name: Date:
IPSec Site-to-Site VPN Lab
SEC450 Week 5 iLab5 Report
Copy below each of the tasks that appears in red in the PDF lab instructions from Skillsoft. Then, write the
answer following each of the tasks. Submit this document to the iLab Dropbox in Week 5.
week 6
iLab 6 of 7: IDS/IPS – Intrusion Detection/Prevention Systems
Student Name: Date:
Intrusion Detection System (IDS/IPS) Lab
NETW 450 Week 6 iLab6 Report
Copy below each of the tasks that appears in red in the PDF lab instructions from Skillsoft. Then, write the
answer following each of the tasks. Submit this document to the iLab Dropbox in Week 6.
week 7
iLab 7 of 7: Network Vulnerability Case Study
Student Name _________________________________ Date _____________
NETW 450 Network Vulnerability Case Study—iLab7
Objectives
In this lab, students will examine the following objectives.
Differentiate the use of IDS and IPS to detect network attacks.
Design a network with IDS/IPS.
Justify the use of IDS/IPS for a given network solution.
Scenario
A small company is using the topology shown below to secure its intranet while providing a less-secured environment
to its eCommerce DMZ server. The company is concerned that firewalls are not enough to detect and prevent
network attacks. Hence, deployment of sensors for intrusion detection systems (IDS) and/or intrusion prevention
systems (IPS) is needed in the network. Your job is to provide recommendations, including a network design with
IDS/IPS, that meet the company’s requirements.
Initial Topology
Company’s Requirements
1. Detect any malicious traffic entering the e-commerce server without performance penalty to traffic getting in
the server from revenue-generating customers.
2. Stop any malicious traffic entering the human resources LAN (HR LAN).
3. Detect any malicious traffic entering the computer terminal in the marketing LAN (MKT LAN).
4. Stop any traffic entering the File Server in MKT LAN.
5. Deploy a centralized database and analysis console in the intranet to manage and monitor both IDS
and IPS sensors.
Note: RED text indicates the required questions to answer
Task 1—Layout the New Network Design
Click on the Initial Network Topology link on the iLab page in Week 7, and save the MS
PowerPoint file Initial_Network_Topology_iLab7.ppt to your computer. This file contains a diagram for the initial network topology and
pictures of all components needed to create the new network design.
Review the documentation provided in the references at the end of these instructions to get more familiar with the
implementation of IDS and IPS in network design. You need to find a network solution that meets the company’s
requirements.
#1. Paste below your new network design diagram.
Task 2—IDS/IPS Recommendations
#2. Write an engineering specification document of at least 250 words (e.g., 1 page of full text, double space,
and size 12) describing why your network’s design meets each of the company’s requirements. Justify how
each recommendation addresses the company’s needs.
Task 3—Conclusions
#3. Describe in two paragraphs your learning experience in this lab.
References:
1.SANS Institute. “Network IDS & IPS Deployment Strategies“—Webliography
2.Paquet, C. (2012). Implementing Cisco IOS network security (IINS) foundation learning guide (2nd ed.).
Indianapolis, IN: Cisco Press.
3.NIST. “Guide to Intrusion Detection and Prevention Systems (IDPS)”—Webliography
Quizzes
week 2
1.(TCO 2) Which of the following prompts indicates that you have booted into the IOS stored in Bootstrap ROM
(possibly due to a Ctrl-Break entered during power-up)? (Points : 3)
Router>
> or ROMMON>
(Boot)>
ROM>
Question 2.2.(TCO 2) Which is the command sequence used to configure a console terminal password on a Cisco
router? Note: <CR> represents a carriage return or Enter key. (Points : 3)
line con 0 <CR> password {password} <CR>
line con 0 <CR> password {password} <CR> login <CR>
line con 0 <CR> login {password} <CR>
line {password} con 0 <CR>
Question 3.3.(TCO 2) To enter privileged EXEC mode, you can type the command _____ at the user EXEC prompt.
(Points : 3)
enter
enable
activate
open
Question 4.4.(TCO 2) Which of the following IOS commands will set the minimum length for all router passwords to
eight characters? (Points : 3)
(config)# service passwords min-length 8
(config)# passwords min-length 8
(config)# security passwords min-length 8
(config)# passwords security min-length 8
Question 5.5.(TCO 2) Which of the following commands will prevent password recovery using ROM monitor mode?
(Points : 3)
(config)# no rom monitor
(config)# no password-recovery
(config)# no service password-recovery
(config)# no password-recovery service
Question 6.6.(TCO 2) To configure role-based CLI on a Cisco router, the first command to enter in privileged mode
is _____. (Points : 3)
parser view
view enable
enable view
config view
Question 7.7.(TCO 2) Which of the following commands is required before you can begin configuring SSH
configuration on a Cisco router? (Points : 3)
Crypto key generate rsa
IP domain-name
Crypto key zeroize
Transport input ssh
Question 8.8.(TCO 2) Which of the following cannot be used to enhance access security on a router? (Points : 3)
MD5 encrypted enable passwords
SHA encrypted usernames
Privilege levels
MD5 encrypted username
week 4
Question 1. 1.(TCO 4) Which type of access list entry is dynamic and becomes active only when a Telnet session is
authenticated? It can be used for inbound or outbound traffic. (Points : 3)
Established
Lock and key
Reflexive
CBAC
Question 2. 2.(TCO 4) What function does CBAC perform on a Cisco IOS firewall? (Points : 3)
Creates specific security policies for each user.
Provides secure, per-application access control across network perimeters.
Provides additional visibility at intranet, extranet, and Internet perimeters.
Protects the network from internal attacks and threats.
Question 3. 3.(TCO 4) Given the configuration shown below, the idle timeout for TCP and UDP sessions is _____.
ip inspect audit-trail
ip inspect name FWRULE tcp timeout 180
ip inspect name FWRULE udp timeout 180
!
interface FastEthernet0/0
ip access-group 100 in
ip inspect FWRULE in
!
interface FastEthernet0/1
ip access-group 101 in
!
logging on
logging 192.168.100.100
!
access-list 100 permit ip any any
!
access-list 101 deny ip any any log (Points : 3)
180 minutes
180 seconds
180 days
180 milliseconds
Question 4. 4.(TCO 4) Given the configuration shown below, the host at IP address 192.168.100.100 is a _____.
ip inspect audit-trail
ip inspect name FWRULE tcp timeout 180
ip inspect name FWRULE udp timeout 180
!
interface FastEthernet0/0
ip access-group 100 in
ip inspect FWRULE in
!
interface FastEthernet0/1
ip access-group 101 in
!
logging on
logging 192.168.100.100
!
access-list 100 permit ip any any
!
access-list 101 deny ip any any log (Points : 3)
TACACS+ server
syslog server
Radius server
TACACS server
Question 5. 5.(TCO 4) Which of the following is not a policy action that can be specified for zone-based firewall
traffic? (Points : 3)
Pass
Drop
Hold
Inspect
Question 6. 6.(TCO 4) With zone-based firewalls, which of the following is used to define interfaces on routers that
have the same security level? (Points : 3)
Zones
Class maps
Policy maps
Zone pairs
Question 7. 7.(TCO 4) What is the range of ACL numbers for a standard access list?(Points : 3)
100–199 and 1700–1999
1–99 and 1300–1999
0–99
100–199
Question 8. 8.(TCO 4) In CLI, the zone-pair command is used to associate together which of the following?(Points :
3)
Zones and service-policy
Class maps and interface
Policy maps and interface
Class-type and interface
week 6
Question 1.1. (TCO 6) When you are configuring a Cisco IOS firewall router for IPSec using RSA signatures, you
need to generate a local RSA key. Before you generate the RSA key, you must _____. (Points : 3)
generate general purpose keys
configure a domain name for the router
contact a third-party certificate authority (CA)
enable the key management protocol in global configuration mode
Question 2.2. (TCO 6) IPSec VPNs use ACLs to specify VPN tunnel traffic. Any traffic not permitted in the ACL will
be _____. (Points : 3)
dropped before it exits the VPN outbound interface
passed through the VPN outbound interface with no IPSec protection
encrypted and sent out through the VPN outbound interface because the ACL specifies traffic to be restricted
sent back to the sender with a message indicating invalid IPSec format
Question 3.3. (TCO 6) The Cisco IOS firewall crypto isakmp policy mode command that will set the isakmp security
association lifetime is _____. (Points : 3)
lifetime {days}
lifetime {seconds}
set lifetime {days}
set lifetime {seconds}
Question 4.4. (TCO 6) _____ encryption algorithms use one key to encrypt the data and another key to decrypt the
data between the sender and recipient. (Points : 3)
Symmetric
Asymmetric
Balanced
Bidirectional
Question 5.5. (TCO 6) The _____ encryption algorithm uses a key size of 168 bits. (Points : 3)
DES
3DES
AES
WEP
Question 6.6. (TCO 6) Which of the following encryption algorithms is considered the most secure? (Points : 3)
DES
3DES
AES
WEP
Question 7.7. (TCO 6) Which of the following commands will delete all of the IOS firewall router’s RSA keys? (Points
: 3)
crypto key remove rsa
crypto key delete rsa
crypto key zeroize rsa
crypto key remove rsa all
Question 8.8. (TCO 6) What is the size of the keys in a DES algorithm? (Points : 3)
32 bits
96 bits
112 bits
56 bits
week 7
Question 1.1. (TCO 7) The type of IDS signature that triggers on a multiple packet stream is called _____. (Points :
3)
atomic
dynamic
cyclical
compound or composite
Question 2.2. (TCO 7) Which device responds immediately and does not allow malicious traffic to pass? (Points : 3)
Intrusion detection system (IDS)
Intrusion prevention system (IPS)
All of the above
Neither of the above
Question 3.3. (TCO 7) An IPS sensor that receives a copy of data for analysis while the original data continues
toward the destination is running in _____ mode. (Points : 3)
passive
active
promiscuous
inline
Question 4.4. (TCO 7) Most IOS commands used to configure an intrusion prevention system (IPS) begin with the
prefix _____. (Points : 3)
ids ips
ips ip
ip ips
ios ips
Question 5.5. (TCO 7) Which is an IDS or IPS signature? (Points : 3)
A message digest encrypted with the sender’s private key
A set of rules used to detect typical intrusive activity
A binary pattern specific to a virus
An appliance that provides anti-intrusion services
Question 6.6. (TCO 7) Which of the following ip actions will drop the packet and all future packets from this TCP
flow? (Points : 3)
Deny attacker inline
Deny connection inline
Deny ip host inline
Deny packet inline
Question 7.7. (TCO 7) Which of the following are signature types that IOS firewall IDS can detect as requiring the
storage of state information? (Points : 3)
Atomic
Dynamic
Cyclical
Compound (composite)
Question 8.8. (TCO 7) Why is a network using IDS only more vulnerable to atomic attacks? (Points : 3)
IDS must track three-way handshakes of established TCP connections.
IDS cannot track UDP sessions.
IDS permits malicious single packets into a network.
IDS is not stateful and therefore cannot track multiple-packet attack streams.
NETW 450 Final Answers
Question 1. 1. (TCO 1) The component of network security that ensures that authorized users have access to data
and network resources is _____. (Points : 6)
data integrity
data confidentiality
data and system availability
data and user authentication
Question 2. 2. (TCO 1) The type of security control that makes use of firewalls is called _____. (Points : 6)
administrative
physical
technical
clerical
Question 3. 3. (TCO 2) To configure a role-based CLI on a Cisco router, the first command to enter in privileged
mode is _____. (Points : 6)
parser view
view enable
enable view
config view
super view
Question 4. 4. (TCO 2) The show running-config output can be modified using all of the following pipes except for
_____. (Points : 6)
| begin
| end
| include
| exclude
Question 5. 5. (TCO 3) Which of the following is the default number of MAC addresses allowed when you execute
the switchport port-security command on a switch port? (Points : 6)
Zero
One
Two
Three
Question 6. 6. (TCO 3) Which switch feature causes a port to skip the listening and learning states, causing the port
to enter the forwarding state very quickly? (Points : 6)
fastport
portfast
enablefast
portforward
Question 7. 7. (TCO 4) With zone-based firewalls, which of the following is used to specify actions to be taken when
traffic matches a criterion? (Points : 6)
Zones
Class maps
Policy maps
Zone pairs
Question 8. 8. (TCO 4) Which type of access list uses rules placed on the interface where allowed traffic initiates and
permits return traffic for TCP, UDP, SMTP, and other protocols? (Points : 6)
Established
Lock and key
Reflexive
CBAC
Question 9. 9. (TCO 5) Which AAA server protocol offers support for ARAP and NETBEUI protocols as well as IP?
(Points : 6)
CSACS
RADIUS
OpenACS
TACACS+
Question 10. 10. (TCO 5) Which of the following is not considered a component of AAA? (Points : 6)
Authentication
Authorization
Accounting
Administration
Question 11. 11. (TCO 6) The Cisco IOS command that will display all current IKE security associations (SAs) is
_____. (Points : 6)
show crypto ipsec
show crypto isakmp
show crypto ipsec sa
show crypto isakmp sa
show crypto ike sa
Question 12. 12. (TCO 6) The Cisco IOS firewall crypto isakmp policy mode command that will set the isakmp
security association lifetime is _____. (Points : 6)
lifetime {days}
lifetime {seconds}
set lifetime {days}
set lifetime {seconds}
Question 13. 13. (TCO 7) Cisco routers implementing IPS can save IPS events in a Syslog server by executing
which of the following commands? (Points : 6)
ip ips log {IP Address}
ip ips notify syslog
ip ips notify log
ip ips notify sdee
Question 14. 14. (TCO 7) Which of the following is not an action that can be performed by the IOS firewall IDS router
when a packet or packet stream matches a signature? (Points : 6)
Drop the packet immediately.
Send an alarm to the Cisco IOS designated Syslog server.
Set the packet reset flag and forward the packet through.
Block all future data from the source of the attack for a specified time.
Question 15. 15. (TCO 1) Explain how to mitigate a Smurf attack. (Points : 24)
Question 16. 16. (TCO 2) Type the global configuration mode and line configuration mode commands that are
required to secure the VTY lines 0 through 15 to use the local username admin with the encrypted password
adminpass for remote Telnet or SSH log-ins to the Cisco router. (Points : 24)
Question 17. 17. (TCO 3) What are at least two best practices that should be implemented for unused ports on a
Layer 2 switch for switch security? (Points : 24)
Question 18. 18. (TCO 4) Given the commands shown below and assuming F0/0 is the inside interface of the
network, explain what this ACL does.
access-list 100 permit tcp any any eq 80 time-range MWF
time-range MWF
periodic Monday Wednesday Friday 8:00 to 17:00
time-range
absolute start 00:00 30 Sept 2014 end 01:00 30 Sept 2014
int f0/0
ip access-group 100 in Correct Answer: (Points : 24)
Question 19. 19. (TCO 5) Type two global configuration mode commands that enable AAA authentication and
configure a default log-in method list. Use a TACACS+ server first, then a local username and password, and finally
the enable password. (Points : 24)
Question 20. 20. (TCO 6) Discuss the data encryption algorithms DES and 3DES. Discuss the key lengths, and rank
the algorithms in order of best security. (Points : 24)
Question 21. 21. (TCO 7) Explain the two benefits of Cisco IPS version 5.x signature format over the Cisco IPS
version 4.x signature format. (Points : 22)