HMAC
to validate a message using HMAC, Compare the computed MAC vs the MAC received. Compute the MAC using the received message and a secret key as inputs to the hash
News
QoS over GRE/IPSec Tunnels
QoS pre-classify enables IOS to make a copy of the inner (original) Ip header and to run a QOS classification before encryption, based on fields in the inner IP header,
Role Based Access Control
Role Based Access Control is an access control model provides access to system resources based on the job function of the user or the tasks that the user has been
RFC-4301 – Security Archtecture for the Internet Protocol
RFC-4301 – Security Archtecture for the Internet Protocol (obsoletes RFC 2401), specifies the base architecture for Ipsec-compliant systems, and is designed to provide security services for traffic at the IP
Continue reading…RFC-4301 – Security Archtecture for the Internet Protocol
ASA
ASA supports both stub multicast routing and PIM multicasting routing. However, you cannot configure both concurrently on a single security appliance. The ASA supports both PIM-SM and bi-directional PIM. Enabling
CSA
CSA protects your Host by, Preventing browsers from opening network sockets in listening state.
ASA (configure Failover)
Whenever a failover takes place n the ASA (configureed for failover), all active connections are dropped clients must re-established their connections Unless the ASA is configured for Active-Active failover and
Unicast reverse path forwarding (uRPF)
Unicast reverse path forwarding (uRPF) is the most effective technique to prevent source IP Address spoofing
Buffer Overflow
A vulnerability used to overflow the buffer and an exploit used to run malicious software off of the stack.
Chain of Evidence
The concept that evidence is to have control and accountability to not disrupt the authenticity and integrity of evidence in context of information Security forensics, is called Chain of Evidence
Protocol to OSI Layer
Network Layer: ESP/AH Session Layer: ISAKMP Data Link Layer: PPTP Transport Layer: TLS Application Layer: SHTTP
OSPF
An network adminstrator is using a Lan analyzer to troubleshoot OSPF router exchange messages sent to ALL OSPF ROUTERS, these messages are sent to mac address: 01-00-5E-00-00-05
VTP
VTP pruning restricts flooded traffic, increasing available bandwidth. Also VTP V2 can only be used in a domain consisting of V2 capable switch, are 2 of its key characteristics
ISO QoS Mechanism & Control Plane Policing
Control Plane Policing, is a IOS QoS mechanism is used strictly to rate limit traffic destined to the router itself.
LNS&VPDN
In an L2TP voluntary Tunneling Scenario, The VPDN is terminated Between the LNS & VPDN
CCIE security written exam blueprint
General Networking Networking Basics OSI Layers TCP/IP Protocols Switching (VTP, VLANs, Spanning Tree, Trunking, etc.) Routing Protocols (RIP, EIGRP, OSPF, and BGP) IP Multicast Security Protocols, Ciphers and Hash Algorithms