Tuesday, September 25, 2012

Routing Protocols Administrative Distance

Protocol Administrative Distance
Connected 0
Static 1
EIGRP summary 5
External BGP 20
Internal EIGRP 90
IGRP* 100
OSPF 110
IS-IS 115
RIP 120
EGP* 140
ODR 160
External EIGRP 170
Internal BGP 200
Infinite
* Deprecated

Thursday, September 20, 2012

OSPF Network Types Summary

Columns: OSPF network type, Hello addressing, Database exchange addressing, DR/BDR election, Issues, Link advertisement, Next hop.

Broadcast
  • Hello addressing: Multicast 224.0.0.5
  • Database exchange addressing: Multicast 224.0.0.5, 224.0.0.6
  • DR/BDR election: Yes
  • Issues: partial mesh, NBMA topology; hub and spoke; placement of DR (hub); placement of BDR (none)
  • Link advertisement: Link is advertised as prefix
  • Next hop: Next hop is advertising router

Nonbroadcast
  • Hello addressing: Unicast
  • Database exchange addressing: Unicast
  • DR/BDR election: Yes
  • Issues: partial mesh, NBMA; hub and spoke; placement of DR (hub); placement of BDR; neighbor statements
  • Link advertisement: Link is advertised as prefix
  • Next hop: Next hop is advertising router

Point to Point
  • Hello addressing: Multicast 224.0.0.5
  • Database exchange addressing: Multicast 224.0.0.5
  • DR/BDR election: No
  • Issues: flood; administration overhead related to the subnetting
  • Link advertisement: Link is advertised as prefix
  • Next hop: Next hop is the other end of the point-to-point link

Point to Multipoint Broadcast
  • Hello addressing: Multicast 224.0.0.5
  • Database exchange addressing: Multicast 224.0.0.5
  • DR/BDR election: No
  • Issues: flood; host entries /32 for the ends of the multipoint collection
  • Link advertisement: Link is advertised as a number of host entries
  • Next hop: Next hop is the other end of the point-to-point link

Point to Multipoint NonBroadcast
  • Hello addressing: Unicast
  • Database exchange addressing: Unicast
  • DR/BDR election: No
  • Issues: flood; host entries /32 for the ends of the multipoint collection
  • Link advertisement: Link is advertised as a number of host entries
  • Next hop: Next hop is the other end of the point-to-point link

Thursday, August 23, 2012

Physical Security Considerations

Many companies are merging physical security and IT security departments and functions. This makes a lot of sense given that the line between the two is not at all clear. For example, if a user swipes a badge and a server then unlocks a door, that is a blend of physical security and IT technology. If that door leads to the computer room or even a wiring closet, then it is IT security, too. In this domain, both sides will be considered.

Tuesday, August 21, 2012

Law, Investigation, Forensics and Ethics

One of the most difficult and challenging parts of a security manager’s job responsibility can be the handling of incidents and investigations. Let's dive into this domain to discuss the steps an ISSMP must take to prepare for, detect, react to, correct, report, and learn from every incident that does occur.

Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

The relationship between BCP and DRP is often misunderstood, and even worse, the two terms are sometimes used interchangeably. A BCP is an examination of a business. It is done once. A DRP is created for every likely or feasible scenario, so that when the bad event happens, a plan will exist for dealing with it. The relationship is one BCP to many DRPs. Now let's dive deeper into this in this video.

Thursday, August 9, 2012

CISSP-ISSMP: Understand Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

Organizations need to prepare for the risk of an interruption to services or operations and put in place plans that will help prevent such failures, minimize the impact if an incident were to happen and manage the recovery to normal operations as quickly as possible. Let's discuss in this domain. 


Thursday, August 2, 2012

CISSP-ISSEP: Technical Management

This domain includes the DoD Acquisition process. This process is normally a profession unto itself, but as system security professionals, we must understand how it works and how to use it to acquire the equipment ISSEPs need for our engineering and development efforts.


Wednesday, August 1, 2012

CISSP-ISSMP: Security Compliance Management

Security compliance is a demanding and ever-changing world of regulations, standards and audit. Let's look into the areas of concern and opportunity for the information security manager and how to ensure that we are executing our responsibilities in a professional and thorough manner that will protect the interests of our employers and earn the respect of all the stakeholders that rely on us.

CISSP-ISSAP: Cryptography

One of the most important thoughts an ISSAP has to keep in mind when designing a network is that choosing cryptography as a solution always means adopting a key management problem. Keys need to be changed, distributed and recovered, but at the same time, they need to be maintained in a secure fashion. Availability can be seriously impacted by a forgotten or destroyed key, but confidentiality will suffer if there is a breach of the key recovery solution.

Thursday, July 26, 2012

TIPS: Linux VLAN Configuration


Now we are going to show how to configure VLANs on Linux. You may ask why this is necessary. It is necessary when you connect your Linux server directly to a router or L3 switch and the port on the router/switch end is configured as a trunk port.

A frame that passes through a trunk port must be tagged with a VLAN ID. This VLAN ID tells the router which VLAN to use to route the traffic to its destination. If a frame sent through a trunk port is not tagged, the router is going to discard the frame.
Find below how to configure VLANs on Linux.

  1. Verify that the module is active using the command modprobe. If you do not receive any message, the module is installed and we can continue with step 2.

  2. Create the VLAN using the command vconfig. In this example the command creates VLAN 109 on the eth1 interface.

  3. Assign an IP address to the VLAN.

  4. Verify that the VLAN is up using the command ifconfig.

This procedure creates the VLAN in RAM only; when you restart the machine, all of the configuration will be lost. To make the change persistent, follow the next procedure:

  • Copy the file /etc/sysconfig/network-scripts/ifcfg-eth1 to /etc/sysconfig/network-scripts/ifcfg-eth1.109

  • Edit the newly copied file using your preferred Linux editor; for this example I'm using vim.

  • Change the DEVICE line from eth1 to eth1.109.

  • Add the line VLAN=yes.

  • Restart the networking daemon using the command “service network restart”.
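The runtime and persistent procedures above, written out as a script. This is an added example, not the author's original commands: eth1 and VLAN 109 come from the post, 8021q is the standard Linux 802.1Q kernel module, and the IP address, netmask and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: eth1 and VLAN 109 come from the post; the IP address,
# netmask and function names are constructed for illustration.

# 802.1Q VLAN IDs are 12 bits; 0 and 4095 are reserved, so accept 1-4094.
valid_vlan_id() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# Steps 1-4: print the runtime commands for review; run them as root to apply.
vlan_runtime_cmds() {
    ifc=$1; vid=$2; addr=$3; mask=$4
    valid_vlan_id "$vid" || { echo "bad VLAN ID: $vid" >&2; return 1; }
    echo "modprobe 8021q"                      # 802.1Q tagging module
    echo "vconfig add $ifc $vid"               # creates $ifc.$vid
    echo "ifconfig $ifc.$vid $addr netmask $mask up"
    echo "ifconfig $ifc.$vid"                  # verify the interface is UP
}

# Persistent steps: copy ifcfg-<if> to ifcfg-<if>.<vid>, point DEVICE at the
# VLAN interface and set VLAN=yes. The parent file is left untouched.
make_vlan_ifcfg() {
    dir=$1; ifc=$2; vid=$3
    valid_vlan_id "$vid" || { echo "bad VLAN ID: $vid" >&2; return 1; }
    src="$dir/ifcfg-$ifc"; dst="$dir/ifcfg-$ifc.$vid"
    [ -f "$src" ] || { echo "missing $src" >&2; return 1; }
    sed -e "s/^DEVICE=.*/DEVICE=$ifc.$vid/" -e '/^VLAN=/d' "$src" > "$dst" || return 1
    echo "VLAN=yes" >> "$dst"
    echo "$dst"                                # path of the file written
}

# Dry run with the post's values; nothing on the system is changed.
vlan_runtime_cmds eth1 109 192.0.2.10 255.255.255.0
```

The copied file inherits the parent interface's address lines, so set IPADDR and NETMASK in ifcfg-eth1.109 to the VLAN's own address before restarting the network service. The VLAN ID must also be one the trunk port on the switch side is configured to carry.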


CISSP-ISSAP: Communications and Network Security

Explain telecommunications risks and solutions


Wednesday, July 25, 2012

How to reset iPhone

Has it ever happened that you are using your iPhone and it locks up? You try pressing the sleep/wake button to turn off the phone, and the button does not work. When this happens the only solution is to reset the iPhone (don't worry, you will not erase any information stored on the iPhone; it is more like a reboot). To do this, follow these steps:

  1. Hold the sleep/wake button at the top right of the phone and the home button at the bottom center of the face at the same time.
  2. Hold them until you see the screen go black. Sometimes you will have to keep holding them even after the red power off slider appears.
  3. Wait until the white Apple logo appears.
  4. The iPhone is rebooting.

CISSP-ISSEP: Certification and Accreditation (C&A) / Risk Management Framework (RMF)

Webcast that shows the differences between Certification and Accreditation (C&A) and the Risk Management Framework (RMF).


CISSP-ISSMP: System Development Security

This is one of the most important areas of security management today, and it continues to grow in importance and relevance to the building of a robust security management program. Watch the video for more.


Friday, July 20, 2012

ISSMP: Security Management Practices



ISSEP: System Security Engineering

This domain is critical to passing the ISSEP exam. It is one of the most logical; however, don't be fooled into thinking this domain will be easy. There is a lot of detail which you must understand to be able to select the best answer on the exam. Let's get started.


Working with HR to Develop End User Awareness Training

Are employees at your organization exposing you to cyber attacks?

 Learn about Working with HR to Develop End User Awareness Training and Why it’s Necessary
