
This is a scary thought if you’re a business

I just read an article that for me had one of the most disturbing things ever written

And employees are becoming more and more willing to do just that, according to a study released earlier this week by Cyber-Ark Software. According to the study, 56 percent of workers surveyed admit to being worried about losing their jobs. “Alarmingly, in preparation, more than half have already downloaded competitive corporate data and plan to use the information as a negotiating tool to secure their next post,” the study says. In Holland, 71 percent of workers confessed to having already downloaded data; 58 percent of U.S. workers say they have done so.

I can’t imagine being that hard up that I would do something like that. Just think about it for a minute. Close to 3 in 5 people are actively stealing data from your company. Read the full article here.

IP telephony notes from BCMSN book

Notes on router redundancy

Release early, release often… my notes on router redundancy from Chapter 13 of the BCMSN book

redundancy-notes

The BCMSN exam

Yesterday I took the 642-812 and failed. Not by much, but enough to be really disappointed in myself (maybe 1 question). The three areas I did poorly in are the areas I rarely deal with: redundancy, voice, and port-security. Disappointing because as a security engineer I should know a little more about redundancy and especially port-security but I don’t. I don’t really remember much being on the exam about port-sec but it must have been enough to trip me up.

The voice questions, those make me unhappy. I looked up the questions I know I probably got wrong and I can safely say, they are not covered in the BCMSN book from Cisco Press. Perhaps they were simply some of the “trial” questions they are planning on using in the future, maybe they were legit questions and actually counted. Either way, they threw me for a loop. If they were legit, you need to know much more than is stated on the topic list.

At least I know the areas where I am weak and can spend the next week reviewing. I’ll post my notes here as I go through stuff.

How to study for a Cisco exam

So, in the last year I have studied for and passed a number of Cisco exams. I’ve even been able to retain a good portion of the stuff I have learned. Some people have asked me how I do it and it is simple: I study, a lot.

I get into study mode and I just keep going because I know if I don’t, I’ll slow down and won’t study or take any exams. This happened to me after I took my first Microsoft exam. Rather than getting the study materials and books, and jumping right in, I took a break and then didn’t take my next exam for almost four months. Sure most people would say that isn’t a terrible length of time, but for me it was. I wasn’t actively studying or preparing other than my daily work responsibilities. When I finally did start studying, I really pushed it and didn’t study as hard as I should have. I was able to pass my practice exams but when I took the real exam, I barely passed. It wasn’t a comfortable feeling for me because exams can get expensive. Now I prepare completely differently.

First I order the self-study materials for the exam(s) I want to take. Cisco Press has a great deal that if you order so many books you get a discount of 35% so I try to order a few books at a time. Amazon is also a great resource for ordering books. Self-Test Software has decent practice tests to make sure you know the material, but for the most part I just use the practice tests included with the Cisco books.

Once my books arrive I begin reading them. I take them everywhere I can and read them constantly. Depending on the topic, I tend to study one chapter a day. I feel this allows me plenty of time to read and absorb the material. After I have read the book, I begin reviewing the study questions and install the software if there is any included with the book. The new CCNA books had great study materials on the discs included. The CCSP books didn’t really have much. The books for those exams are mostly reference books and will do you good if you keep them on your shelf for reference.

As I go through the practice exams and study materials I make notes on the topics that I really don’t understand well and then I look them up on Cisco’s web site and read their documentation. Doing that alone will expand your knowledge and understanding more than anything else.

Then I practice, practice, practice. I build simulations using dynamips, dynagen and gns3. I go through stuff in the practice exams using my labs. This allows me to type commands over and over until I have them stuck in muscle memory. Before I discovered dynamips, I would open notepad and type everything out. Doing that lets you visualize where you should be in your command prompts.

So far doing these things has helped me pass each test the first time. I know a couple of people who have had to retake the CCNA multiple times to pass and I tell them the same things: Read the books, do labs, read Cisco documentation, do some more labs, take practice tests, wash, rinse, repeat.

Fedora 9 Security Guide

Security Guide/9 – FedoraProject – good reference for those just getting started securing their Linux box.

Beware of what you download

There have been some changes; now the malware file you download is actually named adobe_flash.exe.

Facebook Worm Spreads Rapidly. Watch Where You Get Your Flash Player – Security Watch

A worm is spreading through MySpace and Facebook users. Most of the action, as usual, seems to be on Facebook.

The worm was originally written up by Kaspersky about a week ago. They designated the MySpace and Facebook versions as Net-Worm.Win32.Koobface.a and Net-Worm.Win32.Koobface.b, respectively, and say that the worm is adaptable to other environments.

The funny things infosec people put in their bios

What’s so funny about security? Black Hat bios show a humorous side – Network World

LAS VEGAS — What’s so funny about information security? A lot if you read some of the bios that security experts have written about themselves in the official Black Hat conference guide. A tip of the Black Hat to the funniest excerpts from the official bios:

Rod Beckstrom, director of the National Cyber Security Center in the U.S. Department of Homeland Security, in addition to a million other things written in his bio, says in 2003 before his current job “he co-founded a peace network of CEOs which initiated Track II diplomatic talks between India and Pakistan. This group took symbolic actions which led to opening the borders to citizens, trade and contributed to ending the recent Indo-Pak war.”



Tech Justin

Tech Justin is a blog focusing on Cisco networking, security and other tech stuff that interests a guy named Justin.

I'm a security engineer with my CCNP and CCSP. I've decided to take the plunge and begin working on my CCIE R&S certification. I love technology and all that it can do. I also believe most end user technology needs to be more secure and protect an individual's privacy by default.