Going for CCNA:Sec!

I finally have enough free time to tackle this beast! This is my first "progress" thread, so go easy on me! I'm going to try to approach this test the same way that I approached the ICND1, which is to go through the material twice. First pass I'm just going to write down questions with little notes, second pass will be when I do in-depth notes. I didn't follow this method when taking the ICND2 and I was basically copying the entire book when taking notes (which is probably why I took longer and had a lower score).

I'll try to post the questions that I make each day in the thread along with a few thoughts.

Here are the materials that I will be using:

Primary
1. Cisco E-Learning: Going to read it twice. First without taking notes (but I will be creating questions/labbing) then with notes
2. Pluralsight: When I feel like the E-learning videos explain a topic thoroughly.

Labs
1. VIRL
2. CBTNuggets

Practice Test
1. Boson Practice Exam

Review
1. Cisco E-Learning + Pluralsight Notes
2. 31 days to CCNA Security (to fill in any gaps)

Target Date: May 1st

Find more posts tagged with

Comments

PCTechLinc

Using those as your resources, with your Target Date, I honestly don't think you'll have any issues. I found the Boson Practice Exam to be extremely accurate compared to the real exam. I've also heard that they've fixed all the issues with the simulations on the actual exam.

Going through the CBTNuggets, MAKE SURE you watch the extra videos Keith Barker recommends. It adds a TON of study time, but is definitely worth it. Additionally study his Parka document. You will find a lot of the extra information you NEED to know in the Boson exam. Best of luck!

CertifiedMonkey

Today I reviewed Layer 2 technologies and how to secure them. Most of the material was covered in the CCNA. There were a few new technologies that weren't really in the CCNA including PVLANs, VACLs and PACLs. I wrote down ALOT of questions, but I have to sift through them and pick which ones are worth posting. I'll edit this post and add the questions (hopefully by tomorrow).

Trunking Q's:
1. What problem does trunking solve?
2. What protocols are available to implement trunking?
3. Which is the more widely implemented protocol and why?
4. Switch A and Switch B are connected together via a trunk link. Both switches are configured with VLANs 2,3,4, and 5. All VLANs are allowed on the trunk. Switch A uses a native VLAN of 2 on its trunk link and Switch B uses a native VLAN of 3 on its trunk link. What is this an example of? What devices on Switch B would receive a broadcast sent by a device in VLAN 2 on switch A?5. When implementing router on a stick, does the subinterface number have to be the same as the VLAN number?
6. Of the following trunking protocols, which would you use to connect a Cisco device to a non-Cisco device: ISL or 802.1Q?
7. What must be recalculated after an 802.1Q tag is inserted in an Ethernet frame and why?
8. What is a VLAN hopping attack? Why is it a problem? What protocol can an attacker take advantage of to perform this attack? What can be done to prevent VLAN hopping attacks?
9. What are double-tagged VLAN hopping attacks, what situations allow them to occur, and what can be used to prevent them?
10. You issue the switchport nonegotiate command on a switchport that is configured with the switchport mode dynamic desirable command, but receive an error message, what is most likely the problem?

CDP
1. By default, how often do Cisco IOS devices send out a CDP advertisements?
2. When a device receives a CDP announcement, how long do they store that information in the CDP neighbor table?
3. How can attackers leverage CDP in an attack?

ACLs
1. What statement is implied at the end of an ACL?
2. You are trying to implement a PACL on a multilayer switch in the outbound direction, but it isn't working, what is most likely the problem?

MAC Spoofing/ARP Spoofing
1. What Cisco feature is used to prevent ARP cache poisoning and how does that feature work?
2. A switch learns 15 MAC addresses. An attacker connects to the switch and initiates a CAM table overflow attack. What will happen to these 15 learned MAC addresses during this attack?
3. How can gratuitous ARP replies be used in an ARP spoofing attack?
4. How feature can be used to prevent a CAM overflow attack?

Port Security
1. What are the three port security actions and what are the differences between them?
2. Why would you limit the maximum number of MAC addresses permitted on a port? What attack would this prevent?

PVLAN

1. What problem was PVLAN designed to solve? How is communication between hosts controlled with PVLANs?
2. How many VLANs can a promiscuous port service?
3. How does a proxy attack against a PVLAN work? How can this attack be mitigated?

CertifiedMonkey

Updated the previous post with some questions that I wrote down yesterday. I want to create more detailed questions with topology diagrams and scenarios. However, I don't think I can upload a lot of the topo. diagram pictures here. I'll probably end up making a quizlet or blog and move questions/notes there.

You may have noticed that the questions don't have answers. This is on purpose. If I can't answer a question, then I'm going to do some additional research. I feel like questions are a better way to test one's knowledge than regular notes. Also, I don't think I'm going to stick with daily updates. I'll try weekly update instead.