Re: OT: Re: 10 days CCIE Sec v4 Adv tech bootcamp

Allmost just in time, O'Reilly has put Schneier's book on sale today.

http://shop.oreilly.com/product/9781118143308.do?cmp=tw-npa-dotd-orm-ebook&code=DEAL

You get 50% off of a very good book to read, just $12.47.
Note that I'm not affiliated with Schneier nor O'Reilly. Just want to
add my $.02 to make a better world :)

-Carlos

Carlos G Mendioroz @ 26/11/2012 08:50 -0300 dixit:
> For those that are interested, I would humblily suggest you read Liars &
> Outliers, by Bruce Schneier.
>
> My understanding of his analisys is that any group (GS in this case) can
> withstand a number of "defectors" like those doing advertising here.
> But too many will kill the group. The group will try, at large, to
> resist defectors. But sometime it is just the parasite killing the host...
>
> BTW, Schneier book applies to security in networks, so this is kinda off
> topic.
>
> -Carlos
>
>
> Narbik Kocharians @ 26/11/2012 05:50 -0300 dixit:
>> As of now following the guidelines is our only choice. As I mentioned
>> in my
>> previous post, I am OK with following these guidelines, I was simply
>> making
>> a comment. Advertisement costs a lot of money, the vendors can save a lot
>> of money and what we all save we can offer it as a discount to the
>> potential students.
>>
>> Just a thought.
>>
>> On Mon, Nov 26, 2012 at 12:33 AM, Brian Dennis <bdennis_at_ine.com> wrote:
>>
>>> Why not just follow the guidelines of Groupstudy?
>>>
>>>> Do not post commercial advertisements concerning some product you are
>>>> trying to sell to the
>>>> list members. If you would like to offer the list members a discount
>>>> for
>>>> your product, please
>>>> contact cisco-owner_at_groupstudy.com
>>>> <mailto:cisco-owner_at_groupstudy.com>for further instructions.
>>>
>>> http://groupstudy.com/list/guide.html
>>>
>>> --
>>>
>>> Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice)
>>> bdennis_at_ine.com
>>>
>>> INE, Inc.
>>> http://www.INE.com
>>>
>>>
>>>
>>> On 11/25/12 11:40 PM, "Narbik Kocharians" <narbikk_at_gmail.com> wrote:
>>>
>>>> I honestly believe that vendors should be able to advertise their
>>>> product/s
>>>> in a forum like this, so people can see and know the new product/s that
>>>> are
>>>> available in the market.
>>>>
>>>> Why should a person go to a seriously bad boot camp and NOT talk
>>>> about it,
>>>> or why should someone go to a good boot camp and not talk about it?
>>>>
>>>>
>>>>
>>>> I also believe that having vendors advertise here (Obviously a limited
>>>> version) will probably stop the vendor wars.
>>>>
>>>> It will also help people know their choices in books, racks, boot
>>>> camps,
>>>> etc?.
>>>>
>>>> It will be a win win situation for all.
>>>>
>>>> If every advertisement has a heading that says that this is an
>>>> advertisement, you can delete it if you want. Limit the
>>>> advertisement to
>>>> one a month per vendor.
>>>>
>>>>
>>>>
>>>> But if you truly need to stop all ads, *you should NOT allow
>>>> signatures*,
>>>> or reference a blog or a URL that you are the owner or work for. This
>>>> means
>>>> all sorts of advertisements. BTW, I am OK either way?
>>>>
>>>>
>>>>
>>>> Just an idea??.
>>>>
>>>> On Sun, Nov 25, 2012 at 7:12 PM, Samarth Chidanand
>>>> <samarth_04_at_hotmail.com>wrote:
>>>>
>>>>> Friends and Marko, Sorry I posted the link. Below is the technical
>>>>> contents.
>>>>> This is the content of our workbook vol1 and Adv tech bootcamp.
>>>>> Module 1: ASA FirewallASA Initialization (Include redundant
>>>>> interface &
>>>>> ether
>>>>> channeling)Static and Default Routing With Route TrackingRouting on
>>>>> ASA
>>>>> (Unicast & Multicast)Management Access & Setup (SSH, Telnet, ASDM)DHCP
>>>>> Configuration & Relay ConfigurationTraffic Filtering on ASANetwork
>>>>> Address
>>>>> Translation (8.2)Network Address Translation (8.4/8.6)Single-Mode
>>>>> Transparent
>>>>> FirewallAdvance Features in Transparent FirewallNAT in Transparent
>>>>> FirewallApplication Inspection using MPFTCP Normalization using
>>>>> MPFContent
>>>>> FilteringHigh Availability b Active/Standby (Routed & Transparent
>>>>> Mode)Multi-Context Routed ModeMulti-Context Transparent ModeHigh
>>>>> Availability
>>>>> b Active/Active (Routed Mode)High Availability b Active/Active
>>>>> (Transparent Mode)Resource Allocation for ContextsThreat
>>>>> DetectionQoS on
>>>>> ASAIdentity Based FirewallContext Aware FirewallSystem Management
>>>>> (e.g.,
>>>>> SNMP
>>>>> v3, Logging)Module 2: IOS FirewallBasic ZBF ConfigurationAdvance ZBF
>>>>> Configuration (Connection Limits)ZBF Application InspectionZBF Rate
>>>>> LimitingZBF (Transparent Mode)Basic CBACAdvance CBACIOS Content
>>>>> FilteringPAMAccess Control ListsFlexible Packet MatchingIOS
>>>>> Transparent
>>>>> Firewall (Basic & Advanced)Module 3: Intrusion Prevention System
>>>>> (IPS)IPS
>>>>> basic InitializationSwitch Settings for SPAN, RSPAN, TrunkPromiscuous
>>>>> Mode
>>>>> Settings (Basic & Advance)Inline Mode Settings (Basic &
>>>>> Advance)Configuring
>>>>> Multiple Virtual SensorsTraffic Analysis Settings for different IPS
>>>>> ModesTweaking IPS Signatures & ResponsesCreating Custom
>>>>> SignaturesConfiguring
>>>>> Advance Signature ActionsThreat & Risk ManagementConfiguring Event
>>>>> Action
>>>>> OverridesGlobal correlation and reputation based filteringAnomaly
>>>>> Based
>>>>> DetectionIPS System ManagementBasic IPS features on ASAEnabling IPS
>>>>> software
>>>>> module ASA 5515-xIOS IPSModule 4: Identity Services Engine (ISE)ISE
>>>>> InitializationCertificate ManagementActive Directory
>>>>> IntegrationCreating
>>>>> NDGs
>>>>> & Configuring AAA Clients (WLC & Switches)Creating User Identity
>>>>> Groups
>>>>> &
>>>>> Local Network Access UsersCreating Identity Store SequenceConfiguring
>>>>> the
>>>>> Switch for 802.1xConfiguring WLC for 802.1xConfiguring Authentication
>>>>> Policies
>>>>> for 802.1xConfiguring Authorization Policies for 802.1x b
>>>>> BasicConfiguring
>>>>> Authorization Policies for 802.1x b Advanced (With Machine
>>>>> authentication
>>>>> and Machine Access Restrictions)Configuring switch for 802.1x - Flex
>>>>> Auth
>>>>> (Order & Priority) + (Different host modes)Configuring & understanding
>>>>> 802.1x
>>>>> Open mode, Low Impact Mode and High Secure modeConfiguring end point
>>>>> identity
>>>>> groups and adding hostsConfiguring authentication & authorization
>>>>> policies
>>>>> for
>>>>> MAB on ISEConfiguring profiler services on ISEConfiguring probes on
>>>>> NADsConfiguring profiler policies and appropriate authentication &
>>>>> authorization policiesUnderstanding and configuring Central Web
>>>>> AuthenticationConfiguring MAB fallback authentication & authorization
>>>>> policies
>>>>> for CWA on ISEConfiguring Guest Services for external guest users on
>>>>> ISEConfiguring and Tweaking Sponsor & Guess PortalConfiguring ISE for
>>>>> Client
>>>>> Provisioning Services & PoliciesConfiguring ISE for Posture Services &
>>>>> Policies using NAC and Web Agents.Configuring Switch and ISE with MAC
>>>>> SEC
>>>>> option for 802.1xUnderstanding and Configuring ISE for Security Group
>>>>> Tags
>>>>> -
>>>>> SGT (Config Only)Configuring inline ISE for VPN Services (iPEP /
>>>>> iPEN)Configuring ISE for Distributed ArchitectureCut-Through Proxy /
>>>>> Authentication Proxy using ISE as AAA ServerSystem Management /
>>>>> Monitoring
>>>>> and
>>>>> TroubleshootingModule 5: Access Control Server (ACS)ACS
>>>>> InitializationConfiguring NAD s for AAA Device Access Administration
>>>>> (Routers/Switches/ASA) (Telnet, HTTP, SSH, Privilege levels
>>>>> etc.)Configuring
>>>>> NDG and Adding AAA Clients on ACSConfiguring Internal Identity
>>>>> Groups &
>>>>> Local
>>>>> Users, HostsIntegrating with Active DirectoryCertificate Management &
>>>>> Certificate Authentication Profiles with attribute retrievalCreating
>>>>> Identity
>>>>> Store SequenceConfiguring Policy Elements Parameters for AAA Device
>>>>> Administration (Shell Profile, Command Authorization Sets, Date and
>>>>> Time,
>>>>> DACL, Radius Attributes)Configuring Service Selection Policy (SSP) &
>>>>> Access
>>>>> ServicesConfiguring identity and authorization policies for AAA device
>>>>> administration (Authentication, Exec and Command
>>>>> authorization)Configuring
>>>>> policy elements parameters for Network Access AAA (cut-through proxy,
>>>>> authentication proxy and 802.1x)Configuring identity and authorization
>>>>> policies for cut through proxyConfiguring identity and authorization
>>>>> policies
>>>>> for 802.1x & MABIOS role based CLI using Local Database and
>>>>> ACSMonitoring,
>>>>> Reports and System AdministrationModule 6: Web Security Appliance
>>>>> (WSA)Configure WCCP (Needed for transparent mode of WSA)WSA
>>>>> Initialization
>>>>> using setup wizardUnderstanding explicit proxy deployment and
>>>>> transparent
>>>>> proxy deploymentEnable proxy services with basic URL
>>>>> filteringConfiguring
>>>>> proxy server information in web browsersConfigure acknowledgment and
>>>>> custom
>>>>> end-user notificationsConfiguring native FTP proxyConfiguring NTLM and
>>>>> LDAP
>>>>> based authenticationConfiguring authentication based access
>>>>> policiesConfiguring access policiesConfiguring identitiesConfiguring
>>>>> authentication exemptionsConfiguring acceptable use
>>>>> policiesConfiguring
>>>>> URL
>>>>> filtersConfiguring custom URL categoriesConfiguring media bandwidth
>>>>> limitsConfiguring application visibility and controlConfiguring proxy
>>>>> bypass
>>>>> list for WSA in transparent deploymentEnabling Web Reputation Scores
>>>>> (WBRS)Configuring anti-malware scanning (DVS, Access Policies,
>>>>> Outbound
>>>>> Malware Scanning)Configuring HTTPS proxy, HTTP decryption policies and
>>>>> inspectionConfiguring Iron Port data securityConfiguring Data Loss
>>>>> Prevention
>>>>> (DLP)Understanding and interpreting ACL tags/logsSystem
>>>>> ManagementUnderstanding L4TM (Brief)Module 7: Virtual Private Network
>>>>> (VPN)IPSec LAN-to-LAN Tunnel on IOS (Classical & VTI method)IPSec
>>>>> LAN-to-LAN
>>>>> Tunnel between IOS and ASA (WithB and Without NAT-T)IPSec hub and
>>>>> spoke on
>>>>> ASAIPSec redundancy features (link failure, node failure and
>>>>> SSO)Remote
>>>>> access
>>>>> IPSec VPN on IOS (Classical and DVTI)Remote access IPSec VPN on
>>>>> ASAIPSec
>>>>> Tunnels using ISAKMP profilesGRE over IPSec using ISAKMP profilesVRF
>>>>> Aware
>>>>> IPSec (LAN-LAN + Remote Access)CA Certificate Authority and IOS Sub CA
>>>>> ServerIOS certificate map & IOS DN based crypto mapsTunnel group
>>>>> mapping on
>>>>> ASAIPSec VPN Tunnels using IOS CADMVPN Phase-2 & Phase-3VRF Aware
>>>>> DMVPNDMVPN
>>>>> Phase-3 with hierarchical hubsGET VPN & Advance GET VPNFlexVPN (IKE
>>>>> v2)Misc
>>>>> IPSec Features and Options on IOS and ASAClientless SSL VPN on IOS and
>>>>> ASAAnyConnect BasicAnyConnect AdvancedRemote Access VPN authentication
>>>>> using
>>>>> AAA serverModule 8: System Hardening and AvailabilityRouting protocol
>>>>> security
>>>>> featuresControl Plane Protection and Management Plane
>>>>> ProtectionBroadcast
>>>>> control and switchport securityAdditional CPU protection mechanisms
>>>>> (options
>>>>> drop, logging interval)Disable unnecessary servicesDevice system
>>>>> services
>>>>> (SNMP, Syslog, NTP)Transit Traffic Control and Congestion
>>>>> ManagementModule
>>>>> 9:
>>>>> Threat Identification and MitigationMitigate or prevent fragmentation
>>>>> attacksMitigate or prevent against malicious IP option
>>>>> usageMitigate or
>>>>> prevent network reconnaissance attacksMitigate or prevent IP spoofing
>>>>> attacksMitigate or prevent MAC spoofing attacksMitigate or prevent ARP
>>>>> spoofing attacksMitigate or prevent DoS and DDoS attacksMitigate or
>>>>> prevent
>>>>> Man-in-the-Middle (MiM) attacksIdentify and protect port redirection
>>>>> attacksMitigate or prevent DHCP attacksMitigate or prevent DNS
>>>>> attacksMitigate
>>>>> or prevent MAC Flooding attacksMitigate or prevent VLAN hopping
>>>>> attacksMitigate or prevent various common Layer2 and Layer3
>>>>> attacksUsing
>>>>> NBAR
>>>>> to mitigate network attacks on IOSNetFlow as attack mitigation tool on
>>>>> IOS
>>>>> and
>>>>> ASA
>>>>>
>>>>> Best Wishes.
>>>>> C SAMARTH
>>>>> CCIE #18535 (R&S , Security)
>>>>>
>>>>>
>>>>>> From: markom_at_ipexpert.com
>>>>>> Date: Sun, 25 Nov 2012 13:30:49 -0800
>>>>>> Subject: Re: 10 days CCIE Sec v4 Adv tech bootcamp
>>>>>> To: samarth_04_at_hotmail.com
>>>>>> CC: ccielab_at_groupstudy.com
>>>>>>
>>>>>> And how about a little bit less SPAM, a little more technical content
>>>>>> here on the list? :-)
>>>>>>
>>>>>> --
>>>>>> Marko Milivojevic - CCIE #18427 (SP R&S)
>>>>>> Senior CCIE Instructor - IPexpert
>>>>>>
>>>>>> On Sun, Nov 25, 2012 at 12:42 AM, Samarth Chidanand
>>>>>> <samarth_04_at_hotmail.com> wrote:
>>>>>>> Content Link ->
>>>>> http://netmetric-solutions.com/about_us/ccie_security.htmlWork
>>>>>>> book ready and the contents are the same.December class sold out.
>>>>> Jan
>>>>> 2013
>>>>>>> class is open for registration
>>>>>>> SuperLab/Mock Lab workbook and bootcamp in progress - Approx in
>>>>> Feb/March
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Best Wishes.
>>>>>>> C SAMARTH
>>>>>>> CCIE #18535 (R&S , Security)
>>>>>>>
>>>>>>>
>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>
>>>>>>>
>>>>> _______________________________________________________________________
>>>>>
>>>>>>> Subscription information may be found at:
>>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>>
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> *Narbik Kocharians
>>>> *CCSI#30832, CCIE# 12410 (R&S, SP, Security)
>>>> *www.MicronicsTraining.com* <http://www.micronicstraining.com/>
>>>> Sr. Technical Instructor
>>>> YES! We take Cisco Learning Credits!
>>>> A Cisco Learning Partner
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net