my subscriptions
POPULAR-ALL-RANDOM | LOADING...MORE »
madmike78 commented on a post in r/ccna
5
Propulsions 5 points

Because there is a list of who owns what. Remember you're advertising these routes not just in your organization but to the world.

I /u/propulsions own 172.30.0.0/23. That subnet is associated with my own personal ASN of 64550. If you /u/daveba123 advertise my prefix with your ASN of 64560, I can prove that you're doing so mistakenly or in bad faith.

madmike78 1 point

172.30.0.0/23 is RFC 1918 private address space. It is not routable to the world. 64560 is also private AS space, not advertised to the world.

Only public (routable to the world) ip address space and ASN's are registered. The rest are free to use for any organization inside of their network boundaries.

https://tools.ietf.org/html/rfc1918

https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13756-32.html

madmike78 commented on a post in r/ccna
madmike78 1 point

What CannibalAbgel said

Cyber Ops is more incident detection and response (SOC)

Security is more operations focused (Network Security)

HTKsos 1 point

so... If I understand this right, in terms of the attack continuum:

CCNA Sec = Before

Cyber OPS = During/After

madmike78 2 points

both have their unique tasks before, during, and after an attack.

Before, CyberOps would review logs, response plans, and various other things

Before, Sec would evaluate configure, harden infrastructure, keep up with patching

During, CyberOps will notify the appropriate groups, investigate further, gather information

During, Sec would block, patch, or configure based on information provided by CyberOps

After, CyberOps would review threat response plans, validate containment, recommend strategies to prevent similar occurances

After, Sec would evaluate what's provided by CyberOps to re-mediate other potentially vulnerable systems

madmike78 commented on a post in r/ccna
madmike78 0 points

Not always, but most of the time. Exceptions are usually (but not always) devices with dedicated management interfaces.

You just illustrated the reason for having a loopback. If all interfaces are down, you can still perform some level of testing with the Loopback interface.

Propulsions 1 point

You just illustrated the reason for having a loopback. If all interfaces are down, you can still perform some level of testing with the Loopback interface.

What sort of useful testing could you do with all the physical interfaces down and the logical loopback up?

madmike78 0 points

set an interface to be up regardless of physical state ... ping from loopback to physical interface. Test data plane internally.

Load more comments
madmike78 commented on a post in r/ccna
madmike78 1 point

There is some overlapping knowledge between CCNA-Security, CCNA-RS and CCNP RS.

specifically 802.1x, pvlans, securing routing protocols, and more.

Best to get CCNA RS completed prior to CCNA-Sec, some people (not me) recommend CCNP RS prior to CCNA-Sec

madmike78 commented on a post in r/ccna
madmike78 5 points

I think Udemy is $10-15 ... Chris Bryant is a good instructor and i I think you can get ICND1/ICND2/CCNA-Composite materials.

Labs - look for cisco packet tracer - it is a low-level virtual lab that is free ... i think you just have to create an account on their learning portal ... for ICND1/ICND2 - you will not need physical gear

I personally like to approach studying with 3 vectors -- Video, Reading Materials, Note Taking (huge fan of notepadd++ and sublime text)

in the beginning since this is a new topic for you, I would start with packet tracer and Chris Bryant Udemy videos --- mimic everything he does in your packet tracer lab -- take notes as you go ..... when you are getting ready to test out, evaluate if you can afford to spend the money on Boson Exam Simulator

radicalbamboozl 1 point

Thanks! I just purchased Chris Bryant's boot camp course so I will start there and also look into the packet tracer.

madmike78 1 point
madmike78 commented on a post in r/ccna
madmike78 2 points

1 year as an intern and 1 year as an analyst is still relatively new. Experience is worth a lot more than certs and will likely open more opportunities for you. I would spend another year working on the certs that point in the direction you want to go. That gives you another year of experience and a path towards what you want.

madmike78 commented on a post in r/ccna
madmike78 2 points

I've never used Pearson Practice exams.

I can vouch for Boson if you use it the right way. They helped me with a first time pass for CCNA-Security (crushed it 926/860) after 3 months study. Read every question and every explanation. Open every reference link provided and read it.

madmike78 commented on a post in r/ccna
madmike78 1 point

Just about any cert that augments your knowledge base will make you more desirable to an employer. Many of the smaller shops have cross-functional teams, such as Server Admin/Networking, or Security/App-Development. As you work your way into larger organizations, your job-role will be more focused towards a single function. Even in the larger shops with a single focus will recognize the benefit of a broad background.

One of things I have noticed trending in recent years is the need for security focused network personnel. There is also a a need for automations focused (python or other scripting language) network personnel.

madmike78 commented on a post in r/ccna
madmike78 1 point

1rst CCNA composite November 2011 - 1 week boot camp

2nd CCENT/CCNA January 2018 - 3 months study

3rd CCNA-Sec April 2018 - 3 months study + Boson ExSim

4th SECFND June 2018 - 2 months study scholarship/e-learning

5th SecOps ... working on it

madmike78 commented on a post in r/ccna
21
johnnyfuckinairforce 1 point

While I don't dispute u/the-packet-thrower I think the CySA+ is a great cert to have. It's still new and hasn't had a reputation built up for it yet but as far as the DoD is concerned it's on par with the CEH and other higher certs based in its content and not it being a Comptia cert.

madmike78 1 point
madmike78 commented on a post in r/ccna
3
login_local 1 point

An exam at the same level or higher will renew certifications at the respective level and lower. Example would be 210-260 (CCNA-S) renews CCNA: R&S. 100-105 (CCENT) would not renew CCNA.

madmike78 2 points

CCNA-S renews CCNA-RS and CCENT

login_local 2 points

Right. I was saying that the exam for CCENT won't renew CCNA: R&S.

madmike78 1 point

i misread ... need more coffee :)

madmike78 commented on a post in r/ccna
8
madmike78 1 point

I spent 3 months on my study, i thought it was really useful for real-world events. I am still using a lot of the things I learned. If you look through my posts, you can find my note dumps.

madmike78 commented on a post in r/ccna
2
Gabe406 2 points

I just finished both SECFND and SECOPS from Cohort 6. I have to say it is very demanding especially if your experience is beginner in IT security. There are 14 Sections in SECFND and 15 in SECOPS. I personally found that SECFND was more challenging than SECOPS. What makes the time so important is that there are challenge questions at the end of each section. You can take them as many times as you want but must get at least a bronze score badge. You must complete all challenge questions and badges to qualify for your first voucher. This is where timing is critical. There is a date set when vouchers are sent out. You can then schedule the test. If you fail you can request a second voucher. There are deadlines. A deadline for the last day you can request a voucher and a last day you can use a voucher. Remember as your are preparing for your SECFND exam the SECOPS continues on so depending on your learning curve you may be overlapping in studies.

I was studying too slow for the SECFND and had to briefly go through the sections to get my vouchers in time. The problem I ran into was I could not dedicate 2 hours everyday. The mentors recommend 2 sections per week with each section having anywhere from 10 to 20 subsections each. Each subsection can take 15 to 20 minutes to review but your mileage may vary. And depending on the content and how you understand it, it may take more time to make the information stick. The other thing I found out was that using the OCG provides insurance to pass the test. It fills in some gaps that I could not find in the course. So this added more time to study.

Along with each section I forgot to mention that there is one main lab for each section. These are not required to get a voucher but they do help in grasping the information being presented.

Not sure of this but vouchers were only being sent out on Thursdays. Once SECFND is done you have more breathing room to study SECOPS and schedule the exam.

My tip is to get the dates from your Cohort and map out the specific voucher dates. Know when the vouchers will first be available. Know when the last date you can request a voucher. Know when the vouchers expire. There are resources in your cohort which will show critical timelines. This will help you plan out a study schedule.

Once you get your first voucher schedule the exam as soon as possible. This will allow you some time to request a second voucher and schedule the exam before the voucher expiration. I have seen several posts of students that ran out of time and could not request a second voucher. You will not be able to get your vouchers if you pass a deadline.

I am including the Cohort 6 timelines to help you get an idea of what to expect. First are course timelines:

Week 0 April 7 Deadline: Log Into the MyLearning System & Update Your Profile

Week 4 April 30 SECFND Halfway Point

Week 7 May 21 Deadline: SECFND Completed

Week 10 June 11 SECOPS Halfway Point

Week 15 July 16 Deadline: SECOPS Completed

Week 17 August 2 Program Ends & Access is Removed

The following dates are considered drop dates. If a student has not completed the required levels of completion in the eLearning Materials by the dates below, they are subject to removal from the program.

Week 4 April 30 Students that have not logged into the system

Week 10 June 16 Students that have not completed the SECFND course

These are Voucher timelines

Vouchers

Week 4 May 2 SECFND Vouchers will be made available

Week 8 May 31 SECOPS Vouchers will be made available

Week 10 June 21 Last Day of SECFND Voucher Distribution*

Week 12 June 30 SECFND Vouchers Expire

After Cohort Ends August 28

Last Day of SECOPS Voucher Distribution*

After Cohort Ends September 7 SECOPS Vouchers Expire

madmike78 1 point

I am also in Cohort 6 --- i had a lot of family issues pop up and am way behind. I am just now finishing Chapter 3 in SecOps. Do you think 100 hours is an accurate estimate of how many hours it takes to go through all the chapters and labs?

DontStopNowBaby 1 point

Oh man, you got a week to finish it.

madmike78 1 point

12 more days ... AC went out this weekend ... still managed to make it to chapter 8 ... i might barely make it through the materials --- that will give me 2 weeks of review. It's going to be a tight squeeze

32
rapidprogram 1 point

dump not available :'( any chance of a reupload?

madmike78 2 points
rapidprogram 2 points

Can I tell you I love you, without adding a no homo, while still not appearing like a homo? :p

madmike78 1 point

it's all good .... no homo .... hope it was helpful

madmike78 commented on a post in r/ccna
4
madmike78 2 points

.... will she even notice?

j/k

for practical purposes, it is good to know the IOS naming conventions to be able to wisely choose the appropriate software for your device.

for test-taking purposes, I have never seen an IOS version question on a Cisco exam.

Discrete_Number 1 point

I’d consider replacing the router for a MikroTik one. Maybe the hAP AC.

I don’t like filtering content to kids (I think that doesn’t help, but that’s me anyway). You can achieve it easily by redirecting the DNS queries originated in hosts in a specific VLAN to the OpenDNS’s Family Shield DNS servers unconditionally. That would be a single NAT rule.

madmike78 1 point

This is the router I am using to extend my network:

https://mikrotik.com/product/RB952Ui-5ac2nD#fndtn-specifications

normally, I would not filter either ... but due to unfortunate circumstances it is necessary to protect someone from them-self.

the DD-WRT iptables caused a significant slowdown with the dstnat .. so I want to put the MikroTik there and see if it improves performance ... and I am using OpenDNS as my resolver .... too bad I can't make my ISP router resolve from there.

Discrete_Number 1 point

I see. Can you add more details about the network segments in use and the devices that are doing NAT ?

IMHO, ideally you would do NAT only in your border router. I just want to make sure you’re not daisy-chaining routers doing NAT or something like that.

Another thing to check is wireless settings.

madmike78 1 point

I am not currently able to get dstnat working right, so currently the only thing to NAT is the ISP router (PAT). I agree that daisy chaining is not ideal ... but I do not have a way to run cabling through the house in a way that keeps people from tripping over it.

Load more comments
madmike78 commented on a post in r/ccna
a_cute_epic_axis 1 point

Try: "Cisco gave me money to pass exam to seed the holders of a new cert that they made up in hopes of being able to charge people out the ass starting in the near future."

madmike78 0 points

not exactly accurate, they are trying to get their foot in the door with a cyber security certification. they are already recognized as an industry standard for routing and switching, so they are augmenting their existing certification tracks.

a_cute_epic_axis 1 point

Considering that certificate holders apparently cannot describe what the certificate is for, how is that working out for them?

madmike78 0 points

a certificate holder ....

view more:
next ›
1,896 Karma
371 Post Karma
1,525 Comment Karma

Following this user will show all the posts they make to their profile on your front page.

About madmike78

  • Reddit Birthday

    September 23, 2014

Other Interesting Profiles

    Want to make posts on your
    own profile?

    Sign up to test the Reddit post to profile beta.

    Sign up