OT: Re: 10 days CCIE Sec v4 Adv tech bootcamp

For those that are interested, I would humblily suggest you read Liars &
Outliers, by Bruce Schneier.

My understanding of his analisys is that any group (GS in this case) can
withstand a number of "defectors" like those doing advertising here.
But too many will kill the group. The group will try, at large, to
resist defectors. But sometime it is just the parasite killing the host...

BTW, Schneier book applies to security in networks, so this is kinda off
topic.

-Carlos

Narbik Kocharians @ 26/11/2012 05:50 -0300 dixit:
> As of now following the guidelines is our only choice. As I mentioned in my
> previous post, I am OK with following these guidelines, I was simply making
> a comment. Advertisement costs a lot of money, the vendors can save a lot
> of money and what we all save we can offer it as a discount to the
> potential students.
>
> Just a thought.
>
> On Mon, Nov 26, 2012 at 12:33 AM, Brian Dennis <bdennis_at_ine.com> wrote:
>
>> Why not just follow the guidelines of Groupstudy?
>>
>>> Do not post commercial advertisements concerning some product you are
>>> trying to sell to the
>>> list members. If you would like to offer the list members a discount for
>>> your product, please
>>> contact cisco-owner_at_groupstudy.com
>>> <mailto:cisco-owner_at_groupstudy.com>for further instructions.
>>
>> http://groupstudy.com/list/guide.html
>>
>> --
>>
>> Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice)
>> bdennis_at_ine.com
>>
>> INE, Inc.
>> http://www.INE.com
>>
>>
>>
>> On 11/25/12 11:40 PM, "Narbik Kocharians" <narbikk_at_gmail.com> wrote:
>>
>>> I honestly believe that vendors should be able to advertise their
>>> product/s
>>> in a forum like this, so people can see and know the new product/s that
>>> are
>>> available in the market.
>>>
>>> Why should a person go to a seriously bad boot camp and NOT talk about it,
>>> or why should someone go to a good boot camp and not talk about it?
>>>
>>>
>>>
>>> I also believe that having vendors advertise here (Obviously a limited
>>> version) will probably stop the vendor wars.
>>>
>>> It will also help people know their choices in books, racks, boot camps,
>>> etc?.
>>>
>>> It will be a win win situation for all.
>>>
>>> If every advertisement has a heading that says that this is an
>>> advertisement, you can delete it if you want. Limit the advertisement to
>>> one a month per vendor.
>>>
>>>
>>>
>>> But if you truly need to stop all ads, *you should NOT allow signatures*,
>>> or reference a blog or a URL that you are the owner or work for. This
>>> means
>>> all sorts of advertisements. BTW, I am OK either way?
>>>
>>>
>>>
>>> Just an idea??.
>>>
>>> On Sun, Nov 25, 2012 at 7:12 PM, Samarth Chidanand
>>> <samarth_04_at_hotmail.com>wrote:
>>>
>>>> Friends and Marko, Sorry I posted the link. Below is the technical
>>>> contents.
>>>> This is the content of our workbook vol1 and Adv tech bootcamp.
>>>> Module 1: ASA FirewallASA Initialization (Include redundant interface &
>>>> ether
>>>> channeling)Static and Default Routing With Route TrackingRouting on ASA
>>>> (Unicast & Multicast)Management Access & Setup (SSH, Telnet, ASDM)DHCP
>>>> Configuration & Relay ConfigurationTraffic Filtering on ASANetwork
>>>> Address
>>>> Translation (8.2)Network Address Translation (8.4/8.6)Single-Mode
>>>> Transparent
>>>> FirewallAdvance Features in Transparent FirewallNAT in Transparent
>>>> FirewallApplication Inspection using MPFTCP Normalization using
>>>> MPFContent
>>>> FilteringHigh Availability b Active/Standby (Routed & Transparent
>>>> Mode)Multi-Context Routed ModeMulti-Context Transparent ModeHigh
>>>> Availability
>>>> b Active/Active (Routed Mode)High Availability b Active/Active
>>>> (Transparent Mode)Resource Allocation for ContextsThreat DetectionQoS on
>>>> ASAIdentity Based FirewallContext Aware FirewallSystem Management (e.g.,
>>>> SNMP
>>>> v3, Logging)Module 2: IOS FirewallBasic ZBF ConfigurationAdvance ZBF
>>>> Configuration (Connection Limits)ZBF Application InspectionZBF Rate
>>>> LimitingZBF (Transparent Mode)Basic CBACAdvance CBACIOS Content
>>>> FilteringPAMAccess Control ListsFlexible Packet MatchingIOS Transparent
>>>> Firewall (Basic & Advanced)Module 3: Intrusion Prevention System
>>>> (IPS)IPS
>>>> basic InitializationSwitch Settings for SPAN, RSPAN, TrunkPromiscuous
>>>> Mode
>>>> Settings (Basic & Advance)Inline Mode Settings (Basic &
>>>> Advance)Configuring
>>>> Multiple Virtual SensorsTraffic Analysis Settings for different IPS
>>>> ModesTweaking IPS Signatures & ResponsesCreating Custom
>>>> SignaturesConfiguring
>>>> Advance Signature ActionsThreat & Risk ManagementConfiguring Event
>>>> Action
>>>> OverridesGlobal correlation and reputation based filteringAnomaly Based
>>>> DetectionIPS System ManagementBasic IPS features on ASAEnabling IPS
>>>> software
>>>> module ASA 5515-xIOS IPSModule 4: Identity Services Engine (ISE)ISE
>>>> InitializationCertificate ManagementActive Directory IntegrationCreating
>>>> NDGs
>>>> & Configuring AAA Clients (WLC & Switches)Creating User Identity Groups
>>>> &
>>>> Local Network Access UsersCreating Identity Store SequenceConfiguring
>>>> the
>>>> Switch for 802.1xConfiguring WLC for 802.1xConfiguring Authentication
>>>> Policies
>>>> for 802.1xConfiguring Authorization Policies for 802.1x b
>>>> BasicConfiguring
>>>> Authorization Policies for 802.1x b Advanced (With Machine
>>>> authentication
>>>> and Machine Access Restrictions)Configuring switch for 802.1x - Flex
>>>> Auth
>>>> (Order & Priority) + (Different host modes)Configuring & understanding
>>>> 802.1x
>>>> Open mode, Low Impact Mode and High Secure modeConfiguring end point
>>>> identity
>>>> groups and adding hostsConfiguring authentication & authorization
>>>> policies
>>>> for
>>>> MAB on ISEConfiguring profiler services on ISEConfiguring probes on
>>>> NADsConfiguring profiler policies and appropriate authentication &
>>>> authorization policiesUnderstanding and configuring Central Web
>>>> AuthenticationConfiguring MAB fallback authentication & authorization
>>>> policies
>>>> for CWA on ISEConfiguring Guest Services for external guest users on
>>>> ISEConfiguring and Tweaking Sponsor & Guess PortalConfiguring ISE for
>>>> Client
>>>> Provisioning Services & PoliciesConfiguring ISE for Posture Services &
>>>> Policies using NAC and Web Agents.Configuring Switch and ISE with MAC
>>>> SEC
>>>> option for 802.1xUnderstanding and Configuring ISE for Security Group
>>>> Tags
>>>> -
>>>> SGT (Config Only)Configuring inline ISE for VPN Services (iPEP /
>>>> iPEN)Configuring ISE for Distributed ArchitectureCut-Through Proxy /
>>>> Authentication Proxy using ISE as AAA ServerSystem Management /
>>>> Monitoring
>>>> and
>>>> TroubleshootingModule 5: Access Control Server (ACS)ACS
>>>> InitializationConfiguring NAD s for AAA Device Access Administration
>>>> (Routers/Switches/ASA) (Telnet, HTTP, SSH, Privilege levels
>>>> etc.)Configuring
>>>> NDG and Adding AAA Clients on ACSConfiguring Internal Identity Groups &
>>>> Local
>>>> Users, HostsIntegrating with Active DirectoryCertificate Management &
>>>> Certificate Authentication Profiles with attribute retrievalCreating
>>>> Identity
>>>> Store SequenceConfiguring Policy Elements Parameters for AAA Device
>>>> Administration (Shell Profile, Command Authorization Sets, Date and
>>>> Time,
>>>> DACL, Radius Attributes)Configuring Service Selection Policy (SSP) &
>>>> Access
>>>> ServicesConfiguring identity and authorization policies for AAA device
>>>> administration (Authentication, Exec and Command
>>>> authorization)Configuring
>>>> policy elements parameters for Network Access AAA (cut-through proxy,
>>>> authentication proxy and 802.1x)Configuring identity and authorization
>>>> policies for cut through proxyConfiguring identity and authorization
>>>> policies
>>>> for 802.1x & MABIOS role based CLI using Local Database and
>>>> ACSMonitoring,
>>>> Reports and System AdministrationModule 6: Web Security Appliance
>>>> (WSA)Configure WCCP (Needed for transparent mode of WSA)WSA
>>>> Initialization
>>>> using setup wizardUnderstanding explicit proxy deployment and
>>>> transparent
>>>> proxy deploymentEnable proxy services with basic URL
>>>> filteringConfiguring
>>>> proxy server information in web browsersConfigure acknowledgment and
>>>> custom
>>>> end-user notificationsConfiguring native FTP proxyConfiguring NTLM and
>>>> LDAP
>>>> based authenticationConfiguring authentication based access
>>>> policiesConfiguring access policiesConfiguring identitiesConfiguring
>>>> authentication exemptionsConfiguring acceptable use policiesConfiguring
>>>> URL
>>>> filtersConfiguring custom URL categoriesConfiguring media bandwidth
>>>> limitsConfiguring application visibility and controlConfiguring proxy
>>>> bypass
>>>> list for WSA in transparent deploymentEnabling Web Reputation Scores
>>>> (WBRS)Configuring anti-malware scanning (DVS, Access Policies, Outbound
>>>> Malware Scanning)Configuring HTTPS proxy, HTTP decryption policies and
>>>> inspectionConfiguring Iron Port data securityConfiguring Data Loss
>>>> Prevention
>>>> (DLP)Understanding and interpreting ACL tags/logsSystem
>>>> ManagementUnderstanding L4TM (Brief)Module 7: Virtual Private Network
>>>> (VPN)IPSec LAN-to-LAN Tunnel on IOS (Classical & VTI method)IPSec
>>>> LAN-to-LAN
>>>> Tunnel between IOS and ASA (WithB and Without NAT-T)IPSec hub and
>>>> spoke on
>>>> ASAIPSec redundancy features (link failure, node failure and SSO)Remote
>>>> access
>>>> IPSec VPN on IOS (Classical and DVTI)Remote access IPSec VPN on ASAIPSec
>>>> Tunnels using ISAKMP profilesGRE over IPSec using ISAKMP profilesVRF
>>>> Aware
>>>> IPSec (LAN-LAN + Remote Access)CA Certificate Authority and IOS Sub CA
>>>> ServerIOS certificate map & IOS DN based crypto mapsTunnel group
>>>> mapping on
>>>> ASAIPSec VPN Tunnels using IOS CADMVPN Phase-2 & Phase-3VRF Aware
>>>> DMVPNDMVPN
>>>> Phase-3 with hierarchical hubsGET VPN & Advance GET VPNFlexVPN (IKE
>>>> v2)Misc
>>>> IPSec Features and Options on IOS and ASAClientless SSL VPN on IOS and
>>>> ASAAnyConnect BasicAnyConnect AdvancedRemote Access VPN authentication
>>>> using
>>>> AAA serverModule 8: System Hardening and AvailabilityRouting protocol
>>>> security
>>>> featuresControl Plane Protection and Management Plane
>>>> ProtectionBroadcast
>>>> control and switchport securityAdditional CPU protection mechanisms
>>>> (options
>>>> drop, logging interval)Disable unnecessary servicesDevice system
>>>> services
>>>> (SNMP, Syslog, NTP)Transit Traffic Control and Congestion
>>>> ManagementModule
>>>> 9:
>>>> Threat Identification and MitigationMitigate or prevent fragmentation
>>>> attacksMitigate or prevent against malicious IP option usageMitigate or
>>>> prevent network reconnaissance attacksMitigate or prevent IP spoofing
>>>> attacksMitigate or prevent MAC spoofing attacksMitigate or prevent ARP
>>>> spoofing attacksMitigate or prevent DoS and DDoS attacksMitigate or
>>>> prevent
>>>> Man-in-the-Middle (MiM) attacksIdentify and protect port redirection
>>>> attacksMitigate or prevent DHCP attacksMitigate or prevent DNS
>>>> attacksMitigate
>>>> or prevent MAC Flooding attacksMitigate or prevent VLAN hopping
>>>> attacksMitigate or prevent various common Layer2 and Layer3 attacksUsing
>>>> NBAR
>>>> to mitigate network attacks on IOSNetFlow as attack mitigation tool on
>>>> IOS
>>>> and
>>>> ASA
>>>>
>>>> Best Wishes.
>>>> C SAMARTH
>>>> CCIE #18535 (R&S , Security)
>>>>
>>>>
>>>>> From: markom_at_ipexpert.com
>>>>> Date: Sun, 25 Nov 2012 13:30:49 -0800
>>>>> Subject: Re: 10 days CCIE Sec v4 Adv tech bootcamp
>>>>> To: samarth_04_at_hotmail.com
>>>>> CC: ccielab_at_groupstudy.com
>>>>>
>>>>> And how about a little bit less SPAM, a little more technical content
>>>>> here on the list? :-)
>>>>>
>>>>> --
>>>>> Marko Milivojevic - CCIE #18427 (SP R&S)
>>>>> Senior CCIE Instructor - IPexpert
>>>>>
>>>>> On Sun, Nov 25, 2012 at 12:42 AM, Samarth Chidanand
>>>>> <samarth_04_at_hotmail.com> wrote:
>>>>>> Content Link ->
>>>> http://netmetric-solutions.com/about_us/ccie_security.htmlWork
>>>>>> book ready and the contents are the same.December class sold out.
>>>> Jan
>>>> 2013
>>>>>> class is open for registration
>>>>>> SuperLab/Mock Lab workbook and bootcamp in progress - Approx in
>>>> Feb/March
>>>>>>
>>>>>>
>>>>>>
>>>>>> Best Wishes.
>>>>>> C SAMARTH
>>>>>> CCIE #18535 (R&S , Security)
>>>>>>
>>>>>>
>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>
>>>>>>
>>>> _______________________________________________________________________
>>>>>> Subscription information may be found at:
>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> *Narbik Kocharians
>>> *CCSI#30832, CCIE# 12410 (R&S, SP, Security)
>>> *www.MicronicsTraining.com* <http://www.micronicstraining.com/>
>>> Sr. Technical Instructor
>>> YES! We take Cisco Learning Credits!
>>> A Cisco Learning Partner
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net