From: joshua lauer (jslauer@hotmail.com)
Date: Fri Dec 30 2005 - 13:22:08 GMT-3
I take a section of the DOC CD each day and review completely one of them, I
keep track of which ones I do and after I'm done, I do it all over again. I
usually pick up something I missed each time. With this technique I've never
had an issue locating anything, don't have to use the search feature anymore
and I learn something new every day. I really don't find any substitute for
actually reading the entire documentation many times. It all comes down to
keeping track of what you read and then reading it again a bunch of times
until it sticks.
I have been reading the 12.2 and 12.4 doc's mostly these days. I keep a
couple of notebooks with new features printed out, whenever a new one comes
out I make a copy and put it in there. After that, I try the commands out on
a router or two...to cement them into my head.
JL
----- Original Message -----
From: "Scott Morris" <swm@emanon.com>
To: "'Anthony Sequeira'" <terry.francona@gmail.com>; "'Cisco certification'"
<ccielab@groupstudy.com>
Sent: Friday, December 30, 2005 10:49 AM
Subject: RE: Strategy Discussion: Finding a New Feature on the DOC-CD
> There are a number of new features that can be found by cruising through
> things. Obviously if you are searching this for the first time in the
> middle of your lab, things may get a little hairy on time management!
> Prior
> to the lab, you should be at least vaguely familiar with the layout of the
> CD. Know generally where to find things, and be comfortable with the
> master
> indices as well.
>
> Otherwise, this should be an exercise in logic of narrowing things down.
>
> 1. How do we set up parameters for logins?
> a. Under the VTY ports (use ? Here, or look at system management
> and terminal services on the CD)
> b. Under the username command (the ? Should be sufficient)
> c. Under an AAA process (use ? Or the DocCD under Security
> configuration)
>
> 2. Look at the rest of the requirements for your lab. I'm going to
> assume
> that other information indicates you should use AAA (the "local user" part
> helped here). The username command allows you to set a limit to the
> number
> of simultaneous logins a user can have, but nothing about the number of
> failed attempts.
>
> 3. So we've narrowed that down to an AAA thing. Now, quite simply, go
> use
> "aaa ?" and you'll see a list of stuff. Most options don't help, but your
> concern has to do with authentication, so "aaa authentication ?" next.
> There's a really cool option there called attempts! "aaa authentication
> attempts ?" gives one parameter. "aaa authentication attempts login 4"
> would be a good starting point. But all this does is kill the session at
> hand, it doesn't lock anything out.
>
> 4. The "locked out" part causes pause. For how long? Forever? There
> are
> options in the ACS server we can do to trigger an account to he locked out
> forever, but not in the local user database. With 12.3, there are some
> new
> global commands that can give a time period. "login ?" should help you
> with
> this, and you'll find the "login block-for" command that may help as well.
> That actually locks out ALL logins for 'x' # of seconds. This is designed
> to prevent dictionary-based access attacks on your router, it's not really
> designed to punish individual users. This is actually a 12.3(T)4 command,
> which means it will not be on most routers in your lab (running 12.3
> mainline). The one(s) running 12.4 mainline code will have that command
> available.
>
> 5. It may be good to ask the proctor for more clarification on that (or
> re-read the surrounding requirements in that section).
>
> So run through the logic of what the surrounding point on your scenario
> are
> (this typically gives context), and start using the ? To help. The DocCD
> can come second, but you should have had plenty of experience with it
> ahead
> of time! If you are blindly searching for things, you'll waste lots of
> time. If you have structure to your search and you know the layout, that
> will help!
>
> Searching the new features is often a pain in the ass! You can go up to
> the
> next level (12.4) or search the New Features section of the 12.3 docs
> specifically. Again, vague familiarity from searching through things
> before
> you get to your lab adds to your experience level!
>
> HTH,
>
> Scott
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Anthony Sequeira
> Sent: Thursday, December 29, 2005 8:41 PM
> To: Cisco certification
> Subject: Strategy Discussion: Finding a New Feature on the DOC-CD
>
> Hope all in the group are well......here is a strategy question I need to
> pose.....
>
> Let's say you are in the exam and you come across a task that you believe
> must be one of the new features of 12.3 or 12.4 because you are VERY
> familiar with the 12.2 documentation and you just know that this task
> cannot
> be accomplished with ANYTHING in there. Here is a bad example - but an
> example nonetheless:
>
> 9.0 Security
>
> 9.1 You want to configure it so that a local user account BIGLOSER
> password
> BADPASSWORD will be locked out of the router should this user attempt to
> log
> in more than four times with a bad username or password.
>
> My question is - what is a good strategy for searching the new feature
> documentation for this feature?
>
> It seems like there is a sea of New Features links in both 12.3 and
> 12.4that
> you would need to look through to find the document that goes with this
> new
> feature!
>
> Can someone shed some light on the correct approach here? Perhaps my
> example
> can be used to demonstrate the logic of the search for the right link?
>
> Thanks in advance!
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:52 GMT-3