The Stuxnet worm is the first known malicious software designed to destroy or sabotage factories, power plants, refineries or other industrial installations.
We are used to Trojans and viruses roaming the internet harming computers and causing financial damage, but Stuxnet is in a league of its own.
The worm targets closed and highly secure industrial networks.
After being introduced with a USB key, Stuxnet slips past four previously unknown vulnerabilities in the Windows operating system, so-called "zero day" vulnerabilities.
It is rare for malicious software to exploit even two of them.
Each one can take months for hackers to identify and more time to write software to exploit.
The worm then hunts for specific types of computers made by German company Siemens.
Having found its host, it lies dormant, waiting for a certain moment to override the computer's control of industrial machinery, with potentially disastrous consequences.
This new breed of malware could wreak the kind of damage only previously seen in Hollywood disaster films.
Imagine a nuclear power station's cooling system being overridden, for example.
Or a railway's signals system thrown into chaos.
Experts estimate developing the Stuxnet worm would have taken a highly specialised team between six months to a year.
Israeli cybersecurity strategist Gadi Evron says the worm is so advanced it is almost certainly state-sponsored.
"This would require a lot of resources on the level of a nation state.
"Taking into account the intelligence required to attack a specific target, it would be virtually impossible that this is a lone attacker sitting at home."
Less impressive, though, is the spread of the worm's infection.
"The attack managed to infect, over several months, something like 30,000 to 50,000 PCs in many facilities and corporations worldwide," Uri Rivner from internet security company RSA told Sky News.
Such a wide dissemination has helped expose the worm's existence and helped efforts to neutralise it.
It also raises questions about the likely target for the worm.
Iran says computers at its nuclear plant in Bushehr have been compromised by the worm but will not reveal the extent of the damage.
Some figures suggest 60% of the Stuxnet infections are in Iran.
That has led to a highly speculative finger of blame being pointed at Israel.
Is the Jewish state trying to disrupt Iran's alleged nuclear weapons programme?
We will probably never know. Other unknowns also remain. Has the worm already achieved its goal, or is it lying in wait to carry out its sabotage? Is Iran the intended victim, are other countries at risk?
And, more worryingly, the worm is a trailblazer.
Other hackers can learn from its pioneering methods to produce more sophisticated malware threatening other networks in the future.
Wednesday, September 29, 2010
Wednesday, September 22, 2010
Courses in Institute of NanoTech
I am so pleased in bringing the facility towards your doorstep in supporting our community to grow in Information Technology.The courses which are offered here is highly and equally standard to the courses which are conducted by the major institutions in the major cities.My aim is to provide the same facility to my Village yougsters who are willing to walk forward in the Information Technology field while obtaining a good carrier in their life.Hope almighty allah will be with me for this service....
COURSES
1.IIntroduction to Information Technology-Fundamentals of Hardware and Networking,Fundamentals of Operating systems such windows and Linux,Fundamentals of Programming Languages such C++,Java,.Net,Fundamentals of web design and Development such PHP,Mysql,Photoshop,Dream weaver....
2.Diploma in Hardware and Networking-Computer peripherals-CPU,VDU,Input Devices,Output Devices,Processor histories and types-Pentium 1,11,111,1v,v,Pentium D,Dual Core,Core 2 Duo,Core 2 Duo Quad,Celeron,AMD etc.....,Windows XP,Vista,Windows 7,Windows server 2003 ,Windows Server 2008,Fedora 13,Ubuntu 10.10,Red Hat Enterprise Linux 5.5 etc.. installation and configuration.DHCP,DNS,Proxy,Subnetting,RRAS,WSUS etc.......
3.MCP-Windows Vista Windows 7 client Operating system and Windows Server 2003 or Windows Server 2008 for Server operating System.
4. MCSA-Windows Vista or Windows 7,Windows Server 2003/Windows Server 2008,Exchange Server 2003 or 2007
5.MCSE-All 8 Modules for MCSE
6.MCTS-Windows Server 2008 or Windows 7
7.Web Design and Development-Php,Mysql,Dream Weaver,Photoshop and Flash.
8.Micorsoft Certified Desktoptop Publishing Technician
9.Microsoft Certified Database Administrator
10.Office Programme-Microsoft Office 2010-Word,Excel,Powerpoint,Outlook,Publisher,Infopath and Access
11.Computer for Kids-Typing practice,Office 2010,Operating System functions....
12.Cisco Certified Network Associate-640-802,security,voice etc....
13.Cisco Certified Network Professional-Route,Switching and Troubleshoot
I welcome you to come and enjoy the benefits fo NanoTech to enhance your carrier in the Information Technology Field.....
COURSES
1.IIntroduction to Information Technology-Fundamentals of Hardware and Networking,Fundamentals of Operating systems such windows and Linux,Fundamentals of Programming Languages such C++,Java,.Net,Fundamentals of web design and Development such PHP,Mysql,Photoshop,Dream weaver....
2.Diploma in Hardware and Networking-Computer peripherals-CPU,VDU,Input Devices,Output Devices,Processor histories and types-Pentium 1,11,111,1v,v,Pentium D,Dual Core,Core 2 Duo,Core 2 Duo Quad,Celeron,AMD etc.....,Windows XP,Vista,Windows 7,Windows server 2003 ,Windows Server 2008,Fedora 13,Ubuntu 10.10,Red Hat Enterprise Linux 5.5 etc.. installation and configuration.DHCP,DNS,Proxy,Subnetting,RRAS,WSUS etc.......
3.MCP-Windows Vista Windows 7 client Operating system and Windows Server 2003 or Windows Server 2008 for Server operating System.
4. MCSA-Windows Vista or Windows 7,Windows Server 2003/Windows Server 2008,Exchange Server 2003 or 2007
5.MCSE-All 8 Modules for MCSE
6.MCTS-Windows Server 2008 or Windows 7
7.Web Design and Development-Php,Mysql,Dream Weaver,Photoshop and Flash.
8.Micorsoft Certified Desktoptop Publishing Technician
9.Microsoft Certified Database Administrator
10.Office Programme-Microsoft Office 2010-Word,Excel,Powerpoint,Outlook,Publisher,Infopath and Access
11.Computer for Kids-Typing practice,Office 2010,Operating System functions....
12.Cisco Certified Network Associate-640-802,security,voice etc....
13.Cisco Certified Network Professional-Route,Switching and Troubleshoot
I welcome you to come and enjoy the benefits fo NanoTech to enhance your carrier in the Information Technology Field.....
Wednesday, July 14, 2010
How to Import and Export your SSL Certificate in IIS
Microsoft IIS 5/6 PFX Export/Import Explained
How to Import and Export your SSL Certificate in IIS
PFX Backup Tutorial for Microsoft IIS 5/6 Servers
The PFX extension is used on Windows servers for files containing both the public key files (your SSL certificate files, provided by DigiCert) and the associated private key (generated by your server at the time the CSR was generated).
Since both the public and private keys are needed for an SSL certificate to function, a PFX backup is always needed to transfer an SSL server security certificate from one server to another.
This tutorial explains how to back up your certificate from a working server, import the certificate to a second server, and then enable the certificate for use on the new server. If you have not yet installed the certificate files you received from DigiCert to the server that generated your CSR, please see our IIS 5/6 installation instructions.
Exporting/Backing up your certificate/Private Key (to .pfx file format)
1. From the Start menu, select "Run...". Type "mmc" and hit Enter.
2. Under the File menu choose Add/Remove Snap in.
3. Click Add, then from the Add Standalone Snap-in panel choose Certificates, and click Add.
4. Choose Computer Account and click Next, then choose Local Computer and click Finish.
5. Close the Add Standalone Snap-In window by clicking Close.
6. Close the Add/Remove Snap-in window by clicking Ok.
7. Click the + to Expand the Certificates (Local Computer) Console Tree
8. Look for the Personal directory/folder and expand Certificates.
9. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
10. Follow the Certificate Export Wizard to backup your certificate to a .pfx file
11. Choose to 'Yes, export the private key'
12. Choose to include all certificates in certificate path if possible. (do NOT select the delete Private Key option)
13. Leave default settings > Enter Password (if required)
14. Choose to save file on a set location
15. Finish
16. You will receive a message > Export Successful
17. The .pfx file backup is now saved in the location you selected.
Importing your Certificate/Private Key (from .pfx file format)
1. From the Start menu, select "Run...". Type "mmc" and hit Enter.
2. Under the File menu choose Add/Remove Snap in.
3. Click Add, then from the Add Standalone Snap-in panel choose Certificates, and click Add.
4. Choose Computer Account and click Next, then choose Local Computer and click Finish.
5. Close the Add Standalone Snap-In window by clicking Close.
6. Close the Add/Remove Snap-in window by clicking Ok.
7. Click the + to Expand the Certificates (Local Computer) Console Tree
8. Right click on the Personal Certificates Store (folder)
9. Choose > ALL TASKS > Import
10. Follow the Certificate Import Wizard to import your Primary Certificate from the .pfx file. When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.
11. Close the MMC console. In the case that you are prompted, it is not necessary to save the changes made to the MMC console.
Configuring Your Site - IIS 5/6
1. In your IIS manager, right-click on the site that you would like to use the certificate and select properties.
2. Click on the Directory Security Tab and hit the Server Certificate Button. This will start the server certificate wizard.
3. If given the option, Choose to 'Assign an existing certificate' to the site and choose the new certificate that you just imported.
If you do not have that option, you should be asked what you want to do with the current certificate on the site, choose the option to "replace" your current certificate.
4. Browse to the .pfx file that you created earlier.
5. Finish the certificate wizard.
Occassionally a server or IIS restart is required before your server will recognize the new certificate.
How to Import and Export your SSL Certificate in IIS
PFX Backup Tutorial for Microsoft IIS 5/6 Servers
The PFX extension is used on Windows servers for files containing both the public key files (your SSL certificate files, provided by DigiCert) and the associated private key (generated by your server at the time the CSR was generated).
Since both the public and private keys are needed for an SSL certificate to function, a PFX backup is always needed to transfer an SSL server security certificate from one server to another.
This tutorial explains how to back up your certificate from a working server, import the certificate to a second server, and then enable the certificate for use on the new server. If you have not yet installed the certificate files you received from DigiCert to the server that generated your CSR, please see our IIS 5/6 installation instructions.
Exporting/Backing up your certificate/Private Key (to .pfx file format)
1. From the Start menu, select "Run...". Type "mmc" and hit Enter.
2. Under the File menu choose Add/Remove Snap in.
3. Click Add, then from the Add Standalone Snap-in panel choose Certificates, and click Add.
4. Choose Computer Account and click Next, then choose Local Computer and click Finish.
5. Close the Add Standalone Snap-In window by clicking Close.
6. Close the Add/Remove Snap-in window by clicking Ok.
7. Click the + to Expand the Certificates (Local Computer) Console Tree
8. Look for the Personal directory/folder and expand Certificates.
9. Right Click on the Certificate you would like to backup and choose > ALL TASKS > Export
10. Follow the Certificate Export Wizard to backup your certificate to a .pfx file
11. Choose to 'Yes, export the private key'
12. Choose to include all certificates in certificate path if possible. (do NOT select the delete Private Key option)
13. Leave default settings > Enter Password (if required)
14. Choose to save file on a set location
15. Finish
16. You will receive a message > Export Successful
17. The .pfx file backup is now saved in the location you selected.
Importing your Certificate/Private Key (from .pfx file format)
1. From the Start menu, select "Run...". Type "mmc" and hit Enter.
2. Under the File menu choose Add/Remove Snap in.
3. Click Add, then from the Add Standalone Snap-in panel choose Certificates, and click Add.
4. Choose Computer Account and click Next, then choose Local Computer and click Finish.
5. Close the Add Standalone Snap-In window by clicking Close.
6. Close the Add/Remove Snap-in window by clicking Ok.
7. Click the + to Expand the Certificates (Local Computer) Console Tree
8. Right click on the Personal Certificates Store (folder)
9. Choose > ALL TASKS > Import
10. Follow the Certificate Import Wizard to import your Primary Certificate from the .pfx file. When prompted, choose to automatically place the certificates in the certificate stores based on the type of the certificate.
11. Close the MMC console. In the case that you are prompted, it is not necessary to save the changes made to the MMC console.
Configuring Your Site - IIS 5/6
1. In your IIS manager, right-click on the site that you would like to use the certificate and select properties.
2. Click on the Directory Security Tab and hit the Server Certificate Button. This will start the server certificate wizard.
3. If given the option, Choose to 'Assign an existing certificate' to the site and choose the new certificate that you just imported.
If you do not have that option, you should be asked what you want to do with the current certificate on the site, choose the option to "replace" your current certificate.
4. Browse to the .pfx file that you created earlier.
5. Finish the certificate wizard.
Occassionally a server or IIS restart is required before your server will recognize the new certificate.
Tuesday, June 22, 2010
Windows IIS server hardening checklist
General
Accounts
Files and Directories
Shares
Ports
Registry
Auditing and Logging
Sites and Virtual Directories
Script Mappings
ISAPI Filters
IIS Metabase
Server Certificates
Machine.config
Windows IIS server hardening checklist
General
Do not connect an IIS Server to the Internet until it is fully hardened.
Place the server in a physically secure location.
Do not install the IIS server on a domain controller.
Do not install a printer.
Use two network interfaces in the server -- one for admin and one for the network.
Install service packs, patches and hot fixes.
Run IISLockdown run on the server.
Install and configure URLScan.
Secure remote administration of the server and configure for encryption, low session time-outs and account lockouts.
Disable unnecessary Windows services.
Ensure services are running with least-privileged accounts.
Disable FTP, SMTP and NNTP services if they are not required.
Disable Telnet service.
Disable ASP.NET state service if not used by your applications.
Disable webDAV if not used by the application, or secure it if it is required. (See How To: Create a secure webDAV Publishing Directory at support.microsoft.com.)
Do not install Data Access Components unless specifically needed.
Do not install the HTML version of the Internet Services Manager.
Do not install the MS Index Server unless required.
Do not install the MS FrontPage Server extensions unless required.
Harden TCP/IP stack.
Disable NetBIOS and SMB (closing ports 137, 138, 139 and 445).
Reconfigure Recycle Bin and Page file system data policies.
Secure CMOS settings.
Secure physical media (floppy drive, CD-ROM drive and so on).
Windows IIS server hardening checklist
Accounts
Remove unused accounts from the server.
Disable Windows Guest account.
Rename Administrator account and set a strong password.
Disable IUSR_MACHINE account if it is not used by the application.
Create a custom least-privileged anonymous account if applications require anonymous access.
Do not give the anonymous account write access to Web content directories or allow it to execute command-line tools.
If you host multiple Web applications, configure a separate anonymous user account for each one.
Configure ASP.NET process account for least privilege. (This only applies if you are not using the default ASP.NET account, which is a least-privileged account.)
Enforce strong account and password policies for the server.
Restrict remote logons. (The "Access this computer from the network" user-right is removed from the Everyone group.)
Do not share accounts among administrators.
Disable Null sessions (anonymous logons).
Require approval for account delegation.
Do not allow users and administrators to share accounts.
Do not create more than two accounts in the Administrators group.
Require administrators to log on locally or secure the remote administration solution.
Windows IIS server hardening checklist
Files and Directories
Use multiple disks or partition volumes and do not install the Web server home directory on the same volume as the operating system folders.
Contain files and directories on NTFS volumes.
Put Web site content on a non-system NTFS volume.
Create a new site and disable the default site.
Put log files on a non-system NTFS volume but not on the same volume where the Web site content resides.
Restrict the Everyone group (no access to \WINNT\system32 or Web directories).
Ensure Web site root directory has deny write ACE for anonymous Internet accounts.
Ensure content directories have deny write ACE for anonymous Internet accounts.
Remove remote IIS administration application (\WINNT\System32%#92;Inetsrv\IISAdmin).
Remove resource kit tools, utilities and SDKs.
Remove sample applications (\WINNT\Help\IISHelp, \Inetpub\IISSamples).
Remove IP address in header for Content-Location.
Windows IIS server hardening checklist
Shares
Remove all unnecessary shares (including default administration shares).
Restrict access to required shares (the Everyone group does not have access).
Remove Administrative shares (C$ and Admin$) if they are not required (Microsoft Management Server (SMS) and Microsoft Operations Manager (MOM) require these shares).
Windows IIS server hardening checklist
Ports
Restrict Internet-facing interfaces to port 80 (and 443 if SSL is used).
Run IISLockdown run on the server.
Windows IIS server hardening checklist
Registry
Restrict remote registry access.
Secure SAM (HKLM\System\CurrentControlSet\Control\LSA\NoLMHash). This applies only to standalone servers.
Windows IIS server hardening checklist
Auditing and Logging
Audit failed logon attempts.
Relocate and secure IIS log files.
Configure log files with an appropriate file size depending on the application security requirement.
Regularly archive and analyze log files.
Audit access to the Metabase.bin file.
Configure IIS for W3C Extended log file format auditing.
Read How to use SQL Server to analyze Web logs at support.microsoft.com
Windows IIS server hardening checklist
Sites and Virtual Directories
Put Web sites on a non-system partition.
Disable "Parent paths" setting.
Remove potentially dangerous virtual directories including IISSamples, IISAdmin, IISHelp and Scripts.
Remove or secure MSADC virtual directory (RDS).
Do not grant included directories Read Web permission.
Restrict Write and Execute Web permissions for anonymous accounts in virtual directories.
Ensure there is script source access only on folders that support content authoring.
Ensure there is write access only on folders that support content authoring and these folders are configured for authentication (and SSL encryption, if required).
Remove FrontPage Server Extensions (FPSE) if not used. If FPSE are used, update and restrict access to them.
Remove the IIS Internet Printing virtual directory.
Windows IIS server hardening checklist
Script Mappings
Map extensions not used by the application to 404.dll (.idq, .htw, .ida, .shtml, .shtm, .stm, idc, .htr, .printer).
Map unnecessary ASP.NET file type extensions to "HttpForbiddenHandler" in Machine.config.
Windows IIS server hardening checklist
ISAPI Filters
Remove from the server unnecessary or unused ISAPI filters.
Windows IIS server hardening checklist
IIS Metabase
Restrict access to the metabase by using NTFS permissions (%systemroot%\system32\inetsrv\metabase.bin).
Restrict IIS banner information (Disable IP address in content location).
Windows IIS server hardening checklist
Server Certificates
Ensure certificate date ranges are valid.
Only use certificates for their intended purpose (For example, the server certificate is not used for e-mail).
Ensure the certificate's public key is valid, all the way to a trusted root authority.
Confirm that the certificate has not been revoked.
Windows IIS server hardening checklist
Machine.config
Map protected resources to HttpForbiddenHandler.
Remove unused HttpModules.
Disable tracing.
Turn off debug compiles.
Accounts
Files and Directories
Shares
Ports
Registry
Auditing and Logging
Sites and Virtual Directories
Script Mappings
ISAPI Filters
IIS Metabase
Server Certificates
Machine.config
Windows IIS server hardening checklist
General
Do not connect an IIS Server to the Internet until it is fully hardened.
Place the server in a physically secure location.
Do not install the IIS server on a domain controller.
Do not install a printer.
Use two network interfaces in the server -- one for admin and one for the network.
Install service packs, patches and hot fixes.
Run IISLockdown run on the server.
Install and configure URLScan.
Secure remote administration of the server and configure for encryption, low session time-outs and account lockouts.
Disable unnecessary Windows services.
Ensure services are running with least-privileged accounts.
Disable FTP, SMTP and NNTP services if they are not required.
Disable Telnet service.
Disable ASP.NET state service if not used by your applications.
Disable webDAV if not used by the application, or secure it if it is required. (See How To: Create a secure webDAV Publishing Directory at support.microsoft.com.)
Do not install Data Access Components unless specifically needed.
Do not install the HTML version of the Internet Services Manager.
Do not install the MS Index Server unless required.
Do not install the MS FrontPage Server extensions unless required.
Harden TCP/IP stack.
Disable NetBIOS and SMB (closing ports 137, 138, 139 and 445).
Reconfigure Recycle Bin and Page file system data policies.
Secure CMOS settings.
Secure physical media (floppy drive, CD-ROM drive and so on).
Windows IIS server hardening checklist
Accounts
Remove unused accounts from the server.
Disable Windows Guest account.
Rename Administrator account and set a strong password.
Disable IUSR_MACHINE account if it is not used by the application.
Create a custom least-privileged anonymous account if applications require anonymous access.
Do not give the anonymous account write access to Web content directories or allow it to execute command-line tools.
If you host multiple Web applications, configure a separate anonymous user account for each one.
Configure ASP.NET process account for least privilege. (This only applies if you are not using the default ASP.NET account, which is a least-privileged account.)
Enforce strong account and password policies for the server.
Restrict remote logons. (The "Access this computer from the network" user-right is removed from the Everyone group.)
Do not share accounts among administrators.
Disable Null sessions (anonymous logons).
Require approval for account delegation.
Do not allow users and administrators to share accounts.
Do not create more than two accounts in the Administrators group.
Require administrators to log on locally or secure the remote administration solution.
Windows IIS server hardening checklist
Files and Directories
Use multiple disks or partition volumes and do not install the Web server home directory on the same volume as the operating system folders.
Contain files and directories on NTFS volumes.
Put Web site content on a non-system NTFS volume.
Create a new site and disable the default site.
Put log files on a non-system NTFS volume but not on the same volume where the Web site content resides.
Restrict the Everyone group (no access to \WINNT\system32 or Web directories).
Ensure Web site root directory has deny write ACE for anonymous Internet accounts.
Ensure content directories have deny write ACE for anonymous Internet accounts.
Remove remote IIS administration application (\WINNT\System32%#92;Inetsrv\IISAdmin).
Remove resource kit tools, utilities and SDKs.
Remove sample applications (\WINNT\Help\IISHelp, \Inetpub\IISSamples).
Remove IP address in header for Content-Location.
Windows IIS server hardening checklist
Shares
Remove all unnecessary shares (including default administration shares).
Restrict access to required shares (the Everyone group does not have access).
Remove Administrative shares (C$ and Admin$) if they are not required (Microsoft Management Server (SMS) and Microsoft Operations Manager (MOM) require these shares).
Windows IIS server hardening checklist
Ports
Restrict Internet-facing interfaces to port 80 (and 443 if SSL is used).
Run IISLockdown run on the server.
Windows IIS server hardening checklist
Registry
Restrict remote registry access.
Secure SAM (HKLM\System\CurrentControlSet\Control\LSA\NoLMHash). This applies only to standalone servers.
Windows IIS server hardening checklist
Auditing and Logging
Audit failed logon attempts.
Relocate and secure IIS log files.
Configure log files with an appropriate file size depending on the application security requirement.
Regularly archive and analyze log files.
Audit access to the Metabase.bin file.
Configure IIS for W3C Extended log file format auditing.
Read How to use SQL Server to analyze Web logs at support.microsoft.com
Windows IIS server hardening checklist
Sites and Virtual Directories
Put Web sites on a non-system partition.
Disable "Parent paths" setting.
Remove potentially dangerous virtual directories including IISSamples, IISAdmin, IISHelp and Scripts.
Remove or secure MSADC virtual directory (RDS).
Do not grant included directories Read Web permission.
Restrict Write and Execute Web permissions for anonymous accounts in virtual directories.
Ensure there is script source access only on folders that support content authoring.
Ensure there is write access only on folders that support content authoring and these folders are configured for authentication (and SSL encryption, if required).
Remove FrontPage Server Extensions (FPSE) if not used. If FPSE are used, update and restrict access to them.
Remove the IIS Internet Printing virtual directory.
Windows IIS server hardening checklist
Script Mappings
Map extensions not used by the application to 404.dll (.idq, .htw, .ida, .shtml, .shtm, .stm, idc, .htr, .printer).
Map unnecessary ASP.NET file type extensions to "HttpForbiddenHandler" in Machine.config.
Windows IIS server hardening checklist
ISAPI Filters
Remove from the server unnecessary or unused ISAPI filters.
Windows IIS server hardening checklist
IIS Metabase
Restrict access to the metabase by using NTFS permissions (%systemroot%\system32\inetsrv\metabase.bin).
Restrict IIS banner information (Disable IP address in content location).
Windows IIS server hardening checklist
Server Certificates
Ensure certificate date ranges are valid.
Only use certificates for their intended purpose (For example, the server certificate is not used for e-mail).
Ensure the certificate's public key is valid, all the way to a trusted root authority.
Confirm that the certificate has not been revoked.
Windows IIS server hardening checklist
Machine.config
Map protected resources to HttpForbiddenHandler.
Remove unused HttpModules.
Disable tracing.
Turn off debug compiles.
The world’s top ten most filling foods
We all know we need to eat less to lose weight but doing so can be much harder ‘said’ than ‘done’ when hunger pangs, food cravings and the irresistible urge to snack takes hold.…
20 Comments
Like that
(13)
Send
Share
Print
Share this page
*
Facebook
*
Bebo
*
Myspace
*
Twitter
*
Delicious
Posted By Rachael Anne Hill, Mon 14 Jun, 2010 10:21AM GMT
We all know we need to eat less to lose weight but doing so can be much harder ‘said’ than ‘done’ when hunger pangs, food cravings and the irresistible urge to snack takes hold. That’s why the ‘Satiety Index’ developed by experts at the University of Sydney really can be a dieters best friend.
What is the ‘Satiety Index’?
At its simplest, the satiety index, is a measure of how long a particular food will stop you from feeling hungry. It was first developed by Dr Susanne Holt back in 1995. Holt and her colleagues fed volunteers 240 calorie portions of a wide variety of different foods in an attempt to discover which would be the most filling. The foods were served from under a hood to minimize the influence of appearance, and, if possible, they were served at the same temperature and in the same size chunks.
After eating, the volunteers told the researchers what their appetite ratings were, but they were not allowed anything else for the next two hours. Then, after two hours, they were allowed to eat from a small buffet where the scientists measured how much they nibbled from a variety of other foods. Their consumption was closely monitored, and every 15 minutes they were questioned about their hunger to see if their subjective impression of satisfaction matched their eating behaviour. Using this information, Holt and her colleagues were able to put together the satiety index . White bread was taken as the baseline of 100 and other foods were scored on their comparative ability to satisfy hunger. Foods scoring higher than 100 were more satisfying than white bread whereas those scoring under 100 were less satisfying.
So, what are the top ten most filling foods?
1. Potatoes (323% more satisfying than white bread)
2. Fish (225%)
3. Porridge/Oats/Oatmeal (209%)
4. Apples (197%) and Oranges (202%)
5. Wholewheat Pasta (188%)
6. Beef (176%)
7. Beans (168%)
8. Grapes (162%)
9. Wholemeal Bread (157%)
10. Popcorn (154%)
What Makes These Foods So Filling?
Protein
Protein has been shown by numerous studies to be one of the most satiating nutrients. Scientists at the National Institute for Medical Research in France have recently discovered that during it’s digestion, glucose is produced in the small intestine. The liver senses this and relays a message to the brain to slow down or stop eating — an effect that lasts well after the food has been swallowed.
Fibre
Unlike protein, fibre promotes satiety by slowing the rate at which the food is actually digested. It also triggers stretch receptors in the stomach which automatically sends a signal to the brain to stop eating.
Water Content
Foods with a high fluid content such as apples, oranges and grapes also trigger thestretch receptors however, they are mostly made of water and sugars therefore the speed at which they are digested means that, unlike most other high S.I foods initial feelings of fullness can drop of fairly quickly. “This is why” explains Dr Holt “ that when a dieter eats a meal based on several pieces of fruit and some rice cakes (also very quick to digest) they invariably feel ravenous a few hours later. Despite the meal being low in fat and calories it isn’t at all filling. Far better to eat a wholesome salad sandwich on wholegrain bread with some lean protein like tuna or beef and an apple. This kind of meal can keep hunger at bay for a very long time."
Volume
Another thing that increases a food’s S.I rating is it’s bulk. Popcorn for example only contains 55 calories per cup but it takes up a lot of space in the stomach helping to create the feelings of fullness. Fat on the other hand is the exact opposite. At 9 Kcal per gram fat is the most energy dense nutrient we can eat. Just one tablespoon of clotted cream has almost four times more calories than a whole cup of popcorn and yet it takes up far less space in the stomach making it incredibly easy to over consume. Fat greatly enhances the taste of a food too, another reason why we find it so easy to over consume.
Chemical Compounds
The chemical constituents of foods can also make a difference to satiety. Beans and lentils, for example, contain anti-nutrients which delay their absorption. Another reason why they have a tendency to make you feel full for longer.
Chewing
Chewing promotes satiety, partly because it slows down eating but also because it encourages the release of enzymes that register fullness in the brain.
20 Comments
Like that
(13)
Send
Share
Share this page
*
*
Bebo
*
Myspace
*
*
Delicious
Posted By Rachael Anne Hill, Mon 14 Jun, 2010 10:21AM GMT
We all know we need to eat less to lose weight but doing so can be much harder ‘said’ than ‘done’ when hunger pangs, food cravings and the irresistible urge to snack takes hold. That’s why the ‘Satiety Index’ developed by experts at the University of Sydney really can be a dieters best friend.
What is the ‘Satiety Index’?
At its simplest, the satiety index, is a measure of how long a particular food will stop you from feeling hungry. It was first developed by Dr Susanne Holt back in 1995. Holt and her colleagues fed volunteers 240 calorie portions of a wide variety of different foods in an attempt to discover which would be the most filling. The foods were served from under a hood to minimize the influence of appearance, and, if possible, they were served at the same temperature and in the same size chunks.
After eating, the volunteers told the researchers what their appetite ratings were, but they were not allowed anything else for the next two hours. Then, after two hours, they were allowed to eat from a small buffet where the scientists measured how much they nibbled from a variety of other foods. Their consumption was closely monitored, and every 15 minutes they were questioned about their hunger to see if their subjective impression of satisfaction matched their eating behaviour. Using this information, Holt and her colleagues were able to put together the satiety index . White bread was taken as the baseline of 100 and other foods were scored on their comparative ability to satisfy hunger. Foods scoring higher than 100 were more satisfying than white bread whereas those scoring under 100 were less satisfying.
So, what are the top ten most filling foods?
1. Potatoes (323% more satisfying than white bread)
2. Fish (225%)
3. Porridge/Oats/Oatmeal (209%)
4. Apples (197%) and Oranges (202%)
5. Wholewheat Pasta (188%)
6. Beef (176%)
7. Beans (168%)
8. Grapes (162%)
9. Wholemeal Bread (157%)
10. Popcorn (154%)
What Makes These Foods So Filling?
Protein
Protein has been shown by numerous studies to be one of the most satiating nutrients. Scientists at the National Institute for Medical Research in France have recently discovered that during it’s digestion, glucose is produced in the small intestine. The liver senses this and relays a message to the brain to slow down or stop eating — an effect that lasts well after the food has been swallowed.
Fibre
Unlike protein, fibre promotes satiety by slowing the rate at which the food is actually digested. It also triggers stretch receptors in the stomach which automatically sends a signal to the brain to stop eating.
Water Content
Foods with a high fluid content such as apples, oranges and grapes also trigger thestretch receptors however, they are mostly made of water and sugars therefore the speed at which they are digested means that, unlike most other high S.I foods initial feelings of fullness can drop of fairly quickly. “This is why” explains Dr Holt “ that when a dieter eats a meal based on several pieces of fruit and some rice cakes (also very quick to digest) they invariably feel ravenous a few hours later. Despite the meal being low in fat and calories it isn’t at all filling. Far better to eat a wholesome salad sandwich on wholegrain bread with some lean protein like tuna or beef and an apple. This kind of meal can keep hunger at bay for a very long time."
Volume
Another thing that increases a food’s S.I rating is it’s bulk. Popcorn for example only contains 55 calories per cup but it takes up a lot of space in the stomach helping to create the feelings of fullness. Fat on the other hand is the exact opposite. At 9 Kcal per gram fat is the most energy dense nutrient we can eat. Just one tablespoon of clotted cream has almost four times more calories than a whole cup of popcorn and yet it takes up far less space in the stomach making it incredibly easy to over consume. Fat greatly enhances the taste of a food too, another reason why we find it so easy to over consume.
Chemical Compounds
The chemical constituents of foods can also make a difference to satiety. Beans and lentils, for example, contain anti-nutrients which delay their absorption. Another reason why they have a tendency to make you feel full for longer.
Chewing
Chewing promotes satiety, partly because it slows down eating but also because it encourages the release of enzymes that register fullness in the brain.
Tuesday, June 15, 2010
CCIE Routing and Switching Lab Exam Checklist
CCIE Routing and Switching
Expansion of Routing and Switching Lab v4.0 Blueprint
Detailed Checklist of Topics to Be Covered
Please be advised that this topic checklist is not an all-inclusive list of Cisco CCIE Routing and Switching lab exam subjects. Instead, we provide this outline as a supplement to the existing lab blueprint to help candidates prepare for their lab exams. Other relevant or related topics may also appear in the actual lab exam.
We would like to get your feedback please comment and/or rate this document.
Download PDF Now
1.0
Implementing Layer 2 Technologies - Configuring and Troubleshooting Layer 2 Technologies
√
1.01 Frame Relay
1.01.1 Frame Relay Multipoint Links on a Physical Interface Using Inverse ARP
1.01.2 Frame Relay Multipoint Links on a Physical Interface Without Using Inverse ARP
1.01.3. Frame Relay Multipoint Link on a Subinterface Using Inverse ARP
1.01.4. Frame Relay Multipoint Link on a Subinterface Without Using Inverse ARP
1.01.5. Frame Relay Point-to-Point Subinterfaces
1.01.6. PVC with a Multipoint Interface on One Side and a Subinterface on the Other Side
1.01.7. Authentication on a Frame Relay Link Using PPP
1.2 Catalyst Configuration
1.2.01. Trunks Using an Industry-Standard Encapsulation
1.2.02. Trunks Using a Cisco Proprietary Encapsulation
1.2.03. Creating, Deleting, and Editing VLANs
1.2.04. VTP in Client/Server Mode
1.2.05. VTP in Transparent Mode
1.2.06. VTP Authentication
1.2.07. VTP Pruning
1.2.08. Controlling VLANs That Cross a Trunk
1.2.09. Optimizing STP by STP Timers
1.2.10. PortFast
1.2.11. Loop Guard
1.2.12. BPDU Guard
1.2.13. BPDU Filters
1.2.14. UplinkFast
1.2.15. BackboneFast
1.2.16. MSTP
1.2.17. Selecting the Root Bridge for VLANs in a PVST Environment
1.2.18. Selecting the Root Bridge for an MST Instance in an MST Environment
1.2.19. Setting the Port Priority to Designate the Forwarding Ports
1.2.20. EtherChannel Using an Industry-Standard Protocol
1.2.21. EtherChannel Using a Cisco Proprietary Protocol
1.2.22. Disabling Protocols on the EtherChannel
1.2.23. Load-Balancing Type on the EtherChannel
1.2.24. SNMP Management on the Switch
1.2.25. Telnet and SSH Management on the Switch
1.2.26. Controlling Inbound and Outbound Telnet on the Switch
1.2.27. Regular and Smart Macros
1.2.28. Switch Banners
1.2.29. UDLD
1.2.30. Switch Virtual Interfaces (SVIs) for IP Routing
1.2.31. Router on a Stick
1.2.32. SPAN
1.2.33. RSPAN
1.2.34. IP Routing on the Switch Using RIPv2, EIGRP, OSPF, and BGP
1.2.35. IP Phones to Connect to the Catalyst Switch
1.2.36. Dot1q Tunneling
1.3 Other Layer 2 Technologies
1.3.1. HDLC
1.3.2. PPP
1.3.3. PPP over Ethernet
2.0
Implementing IPv4 - Configuring and Troubleshooting IPv4
2.1. IPv4 Addressing
2.1.1. IPv4 Addressing
2.1.2. IPv4 Subnetting
2.1.3. IPv4 VLSM
2.2. OSPFv2
2.2.01. OSPF on a Broadcast Multicast Access Network (Ethernet)
2.2.02. OSPF over a Frame Relay Multipoint Network by Changing Network Types
2.2.03. OSPF over a Frame Relay Multipoint Network by Using the neighbor Command
2.2.04. OSPF over a Frame Relay Point-to-Point Network
2.2.05. Virtual Links
2.2.06. Stub Areas
2.2.07. Totally Stubby Areas
2.2.08. NSSA Areas
2.2.09. NSSA and Stub Areas
2.2.10. NSSA and Totally Stubby Areas
2.3. EIGRP
2.3.1. Basic EIGRP
2.3.2. Passive Interfaces
2.3.3. EIGRP Stub on Routers and Switches
2.3.4. EIGRP Update—Bandwidth Control
2.3.5. Changing the Administrative Distance of EIGRP
2.3.6. Unequal-Cost Load Balancing for EIGRP
2.4. Filtering, Redistribution, and Summarization
2.4.01. Route Filtering for OSPF Within the Area Using a Distribute List with an ACL and Prefix Lists
2.4.02. Route Filtering for OSPF Between Areas
2.4.03. Summarization of OSPF Routes Between Areas
2.4.04. Summarization of External Routers Within OSPF
2.4.05. Filtering with a Distribute List Using an ACL and Prefix Lists
2.4.06. Using Advanced ACLs and a Prefix List for Filtering Routes
2.4.07. Summarizing Routes with EIGRP
2.4.08. Route Summarization for RIP
2.4.09. Redistribution Between OSPF and EIGRP
2.4.10. Redistribution Between RIP and EIGRP
2.4.11. Redistribution Between RIP and OSPF
2.4.12. Redistribution of Directly Connected Routes
2.4.13. Redistribution of Static Routes
2.4.14. Redistribution with Filtering Using ACLs and Prefix Lists
2.4.15 Redistribution with Filtering Using Route Tagging
2.5. IBGP
2.5.1. IBGP Peering
2.5.2. Advertising Routes in BGP
2.5.3. Next-Hop Attribute
2.5.4. Route Reflectors
2.5.5. Redundancy by Neighbor Relationships Based on Loopbacks
2.6. EBGP
2.6.1. EBGP Peering
2.6.2. EBGP Peering Based on Loopbacks
2.7. BGP Advanced Features
2.7.01. Filtering Using ACLs
2.7.02. Filtering Using Prefix Lists
2.7.03. Filtering Using AS Path Filters
2.7.04. Redistributing Connected Routes into BGP
2.7.05. Redistributing Dynamic Routing Protocols into BGP
2.7.06. BGP Aggregation
2.7.07. BGP Aggregation with the Summary Only Parameter
2.7.08. BGP Aggregation with Suppress Maps
2.7.09. BGP Aggregation with Unsuppress Maps
2.7.10. BGP Best-Path Selection – Weight
2.7.11. BGP Best-Path Selection – Local Preference
2.7.12. BGP Best-Path Selection – MED
2.7.13. BGP Communities – No-Export
2.7.14. BGP Communities – No-Advertise
2.7.15. BGP Confederation
2.7.16. BGP Local AS
2.7.17. Working with Private AS Numbers
2.7.18. Route Dampening
2.7.19. Conditional Advertising
2.7.20. Peer Groups
2.8 Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
3.0
Implementing IPv6 - Configuring and Troubleshooting IPv6
3.1. IPv6
3.1.1. IPv6 Addresses
3.1.2 RIPng
3.1.2. OSPFv3
3.1.3. EIGRPv6
3.1.4. IPv6 Tunneling
3.1.5. IPv6 on a Frame Relay Network – Multipoint
3.1.6. IPv6 on a Frame Relay Network – Point-to-Point
3.1.7. Route Filtering with a Distribute List Using an ACL and Prefix Lists
3.1.8. Route Redistribution Between OSPFv3 and EIGRPv6
4.0
Implementing MPLS - Configuring and Troubleshooting MPLS
4.1. MPLS Unicast Routing
4.1.1. MPLS Unicast Routing Using LDP
4.1.2. Controlling Label Distribution
4.2. MPLS VPN
4.2.1. MPLS VPN Using Static Routing Between PE-CE
4.2.2. MPLS VPN Using EIGRP as the PE-CE Routing Protocol
4.2.3. MPLS VPN Using OSPF as the PE-CE Routing Protocol
4.2.4. MPLS VPN Using EBGP as the PE-CE Routing Protocol
4.2.5. Controlling Route Propagation Using the Route Target with Import and Export Maps
4.3. VRF-Lite
4.3.1. VRFs at the Customer Sites Using VRF-Lite
5.0
Implementing IP Multicast - Configuring and Troubleshooting IP Multicast
5.1. PIM and Bidirectional PIM
5.1.1. PIM Dense Mode
5.1.2. PIM on an NMBA Network
5.1.3. PIM Sparse Mode – Static Rendezvous Point
5.1.4. PIM Sparse Mode – Multiple Static Rendezvous Points
5.1.5. PIM Sparse Mode – Auto Rendezvous Point
5.1.6. PIM Sparse Mode with Multiple Rendezvous Points Using the Auto Rendezvous Point
5.1.7. Bidirectional PIM
5.2. MSDP
5.2.1. MSDP
5.2.2. MSDP to an Anycast Rendezvous Point
5.3. Multicast Tools
5.3.1. Multicast Rate Limiting
5.3.2. IGMP Filtering on the Switch
5.3.3. Use of the Switch to Block Multicast Traffic
5.3.4. Multicasting Through a GRE Tunnel
5.3.5. Multicast Helper Address
5.4. IPv6 Multicast
5.4.1. IPv6 Multicast Routing Using PIM
5.4.2. IPv6 Multicast Listener Discovery (MLD) Protocol
6.0
Implementing Network Security - Configuring and Troubleshooting Network Security
6.1. AAA and Security Server Protocols
6.1.1. Use of a Router to Authenticate Against a AAA Server Using TACACS+
6.1.2. Use of a Router to Authenticate Against a AAA Server Using RADIUS
6.1.3. Local Privilege Authorization
6.1.4. Accounting to a AAA Server Using TACACS+
6.1.5. Accounting to a AAA Server Using RADIUS
6.2. Access Lists
6.2.1. Standard Access Lists
6.2.2. Extended Access Lists
6.2.3. Time-Based Access Lists
6.2.4. Reflexive Access Lists
6.3. Routing Protocol Security
6.3.1. Routing Protocol Authentication for EIGRP
6.3.2. Routing Protocol Authentication for OSPF – Area-Wide
6.3.3. Routing Protocol Authentication for OSPF – Interface-Specific
6.3.4. Routing Protocol Authentication for OSPF Virtual Links
6.3.5. Routing Protocol Authentication for BGP
6.4. Catalyst Security
6.4.1. Storm Control
6.4.2. Switch Port Security
6.4.3. Dot1x Authentication
6.4.4. Dot1x Authentication for VLAN Assignment
6.4.5. VLAN Access Maps
6.4.6. DHCP Snooping
6.4.7. DAI
6.4.8. IP Source Guard
6.4.9. Private VLANs
6.5. Cisco IOS and Zone-Based Firewalls
6.5.1. Basic Cisco IOS Firewall
6.5.2. DoS Protection on a Cisco IOS Firewall
6.5.3. Basic Zone-Based Firewall
6.5.4. Zone-Based Firewall with Deep Packet Inspection
6.6. NAT
6.6.1. Dynamic NAT
6.6.2. PAT
6.6.3. Static NAT
6.6.4. Static PAT
6.6.5. Policy-Based NAT
6.7. Other Security Features
6.7.1. Configuring the TCP Intercept Feature
6.7.2. Configuring Blocking of Fragment Attacks
6.7.3. Configuring Switch Security Features
6.7.4. Configuring Antispoofing Using an ACL
6.7.5. Configuring Antispoofing Using uRPF
6.7.6. SSH on Routers and Switches
6.7.7. Cisco IOS IPS
6.7.8. Controlling Telnet and SSH Access to the Router and Switch
7.0
Implementing Network Services - Configuring and Troubleshooting Network Services
7.1. DHCP
7.1.1. Configuring DHCP on a Cisco IOS Router
7.1.2. Configuring DHCP on a Switch
7.1.3. Using a Router and a Switch to Act as a DHCP Relay Agent (Helper Address)
7.2. HSRP
7.2.1. HSRP Between Two Routers
7.2.2. Pre-empt for HSRP
7.2.3. Authentication for HSRP
7.2.4. VRRP
7.2.5. GLBP
7.3. IP Services
7.3.1. Use of the Router for WCCP
7.3.2. Use of the Router to Generate an Exception Dump Using TFTP
7.3.3. Use of the Router to Generate an Exception Dump Using FTP
7.3.4. Use of the Router to Generate an Exception Dump Using RCP
7.3.5. Broadcast Forwarding for Protocols
7.4. System Management
7.4.1. Telnet Management on the Router and Switch
7.4.2. SSH Management on the Router and Switch
7.4.3. Disabling Telnet and the SSH Client on the Switch
7.4.4. HTTP Management on the Router and Switch
7.4.5. Controlling HTTP Management on the Router and Switch
7.5. NTP
7.5.1. NTP Using the NTP Master and NTP Server Commands
7.5.2. NTP Without Using the NTP Server
7.5.3. NTP Using NTP Broadcast Commands
8.0
Implementing QoS - Configuring and Troubleshooting QoS
8.1. Classification
8.1.1. Marking Using DSCP
8.1.2. Marking Using IP Precedence
8.1.3. Marking Using CoS
8.2. Congestion Management and Congestion Avoidance
8.2.1. Priority Queuing
8.2.2. Custom Queuing
8.2.3. Weighted Fair Queuing
8.2.4. WRED
8.2.5. RSVP
8.3. Policing and Shaping
8.3.1. CAR Using Rate Limiting Under the Interface
8.3.2. Frame Relay Traffic Shaping Using Map Classes
8.3.3. Discard Eligible List
8.4. Link Efficiency Mechanisms
8.4.1. Compression
8.4.2. Link Fragmentation and Interleaving (LFI) for Frame Relay
8.5. Modular QoS CLI
8.5.1. Policing
8.5.2. Class-Based Weighted Fair Queuing (CB-WFQ)
8.5.3. Low Latency Queuing (LLQ)
8.5.4. Shaping Using MQC
8.5.5. Random Early Detection Using MQC
8.5.6. WRED Using MQC
8.5.7. Using NBAR for QoS
8.5.8. Discard Eligible Marking Using MQC
8.6. Catalyst QoS
8.6.1. SRR on the Catalyst Switch
9.0
Troubleshooting a Network - Troubleshooting Network-Wide Connectivity Issues
9.1. Troubleshooting Layer 2 Problems
9.1.1. Troubleshooting Catalyst Switch Network Issues
9.1.2. Troubleshooting Frame Relay Network Issues
9.2. Troubleshooting Layer 3 Problems
9.2.1. Troubleshooting IP Addressing Network Issues
9.2.2. Troubleshooting Routing Protocol Network Issues
9.2.3. Troubleshooting Routing Protocol Loop Issues
9.3. Troubleshooting Application Problems
9.3.1. Determining Which Aspects of the Network to Troubleshoot to Determine Network Functionality (Given a Set of Symptoms)
9.4. Troubleshooting Network Services
9.4.1. Troubleshooting Misconfigured NTP Setup
9.4.2. Troubleshooting Misconfigured DHCP Setup
9.4.3. Troubleshooting Misconfigured Telnet and SSH Setup
9.4.4. Troubleshooting Misconfigured SNMP Setup
9.5. Troubleshooting Security Services
9.5.1. Troubleshooting Misconfigured ACLs
9.5.2. Troubleshooting Misconfigured NAT
9.5.3. Troubleshooting Misconfigured AAA Services
10.0
Optimizing a Network - Configuring and Troubleshooting Optimization of a Network
10.1. Logging In
10.1.1. Logging into a Remote Syslog Server
10.1.2. Logging into the Internal Buffer
10.2. SNMP
10.2.1. Use of a Router to Communicate to an SNMP Management Station
10.2.2. Use of a Router to Generate SNMP Traps
10.3. RMON
10.3.1. Use of a Router to Generate SNMP Traps Using RMON
10.4. Accounting
10.4.1. IP Accounting
10.5. SLA
10.5.1. IP SLA
10.6. Implementing Network Services on the Routers
10.6.1. Use of a Router as an FTP Server
10.6.2. Use of a Router as a TFTP Server
10.6.3. Cisco IOS Embedded Event Manager
10.6.4. NetFlow
10.6.5. HTTP and HTTPS on a Router
10.6.6. Telnet on a Router
10.6.7. Implementing Secure Copy Protocol (SCP) on a Router
Expansion of Routing and Switching Lab v4.0 Blueprint
Detailed Checklist of Topics to Be Covered
Please be advised that this topic checklist is not an all-inclusive list of Cisco CCIE Routing and Switching lab exam subjects. Instead, we provide this outline as a supplement to the existing lab blueprint to help candidates prepare for their lab exams. Other relevant or related topics may also appear in the actual lab exam.
We would like to get your feedback please comment and/or rate this document.
Download PDF Now
1.0
Implementing Layer 2 Technologies - Configuring and Troubleshooting Layer 2 Technologies
√
1.01 Frame Relay
1.01.1 Frame Relay Multipoint Links on a Physical Interface Using Inverse ARP
1.01.2 Frame Relay Multipoint Links on a Physical Interface Without Using Inverse ARP
1.01.3. Frame Relay Multipoint Link on a Subinterface Using Inverse ARP
1.01.4. Frame Relay Multipoint Link on a Subinterface Without Using Inverse ARP
1.01.5. Frame Relay Point-to-Point Subinterfaces
1.01.6. PVC with a Multipoint Interface on One Side and a Subinterface on the Other Side
1.01.7. Authentication on a Frame Relay Link Using PPP
1.2 Catalyst Configuration
1.2.01. Trunks Using an Industry-Standard Encapsulation
1.2.02. Trunks Using a Cisco Proprietary Encapsulation
1.2.03. Creating, Deleting, and Editing VLANs
1.2.04. VTP in Client/Server Mode
1.2.05. VTP in Transparent Mode
1.2.06. VTP Authentication
1.2.07. VTP Pruning
1.2.08. Controlling VLANs That Cross a Trunk
1.2.09. Optimizing STP by STP Timers
1.2.10. PortFast
1.2.11. Loop Guard
1.2.12. BPDU Guard
1.2.13. BPDU Filters
1.2.14. UplinkFast
1.2.15. BackboneFast
1.2.16. MSTP
1.2.17. Selecting the Root Bridge for VLANs in a PVST Environment
1.2.18. Selecting the Root Bridge for an MST Instance in an MST Environment
1.2.19. Setting the Port Priority to Designate the Forwarding Ports
1.2.20. EtherChannel Using an Industry-Standard Protocol
1.2.21. EtherChannel Using a Cisco Proprietary Protocol
1.2.22. Disabling Protocols on the EtherChannel
1.2.23. Load-Balancing Type on the EtherChannel
1.2.24. SNMP Management on the Switch
1.2.25. Telnet and SSH Management on the Switch
1.2.26. Controlling Inbound and Outbound Telnet on the Switch
1.2.27. Regular and Smart Macros
1.2.28. Switch Banners
1.2.29. UDLD
1.2.30. Switch Virtual Interfaces (SVIs) for IP Routing
1.2.31. Router on a Stick
1.2.32. SPAN
1.2.33. RSPAN
1.2.34. IP Routing on the Switch Using RIPv2, EIGRP, OSPF, and BGP
1.2.35. IP Phones to Connect to the Catalyst Switch
1.2.36. Dot1q Tunneling
1.3 Other Layer 2 Technologies
1.3.1. HDLC
1.3.2. PPP
1.3.3. PPP over Ethernet
2.0
Implementing IPv4 - Configuring and Troubleshooting IPv4
2.1. IPv4 Addressing
2.1.1. IPv4 Addressing
2.1.2. IPv4 Subnetting
2.1.3. IPv4 VLSM
2.2. OSPFv2
2.2.01. OSPF on a Broadcast Multicast Access Network (Ethernet)
2.2.02. OSPF over a Frame Relay Multipoint Network by Changing Network Types
2.2.03. OSPF over a Frame Relay Multipoint Network by Using the neighbor Command
2.2.04. OSPF over a Frame Relay Point-to-Point Network
2.2.05. Virtual Links
2.2.06. Stub Areas
2.2.07. Totally Stubby Areas
2.2.08. NSSA Areas
2.2.09. NSSA and Stub Areas
2.2.10. NSSA and Totally Stubby Areas
2.3. EIGRP
2.3.1. Basic EIGRP
2.3.2. Passive Interfaces
2.3.3. EIGRP Stub on Routers and Switches
2.3.4. EIGRP Update—Bandwidth Control
2.3.5. Changing the Administrative Distance of EIGRP
2.3.6. Unequal-Cost Load Balancing for EIGRP
2.4. Filtering, Redistribution, and Summarization
2.4.01. Route Filtering for OSPF Within the Area Using a Distribute List with an ACL and Prefix Lists
2.4.02. Route Filtering for OSPF Between Areas
2.4.03. Summarization of OSPF Routes Between Areas
2.4.04. Summarization of External Routers Within OSPF
2.4.05. Filtering with a Distribute List Using an ACL and Prefix Lists
2.4.06. Using Advanced ACLs and a Prefix List for Filtering Routes
2.4.07. Summarizing Routes with EIGRP
2.4.08. Route Summarization for RIP
2.4.09. Redistribution Between OSPF and EIGRP
2.4.10. Redistribution Between RIP and EIGRP
2.4.11. Redistribution Between RIP and OSPF
2.4.12. Redistribution of Directly Connected Routes
2.4.13. Redistribution of Static Routes
2.4.14. Redistribution with Filtering Using ACLs and Prefix Lists
2.4.15 Redistribution with Filtering Using Route Tagging
2.5. IBGP
2.5.1. IBGP Peering
2.5.2. Advertising Routes in BGP
2.5.3. Next-Hop Attribute
2.5.4. Route Reflectors
2.5.5. Redundancy by Neighbor Relationships Based on Loopbacks
2.6. EBGP
2.6.1. EBGP Peering
2.6.2. EBGP Peering Based on Loopbacks
2.7. BGP Advanced Features
2.7.01. Filtering Using ACLs
2.7.02. Filtering Using Prefix Lists
2.7.03. Filtering Using AS Path Filters
2.7.04. Redistributing Connected Routes into BGP
2.7.05. Redistributing Dynamic Routing Protocols into BGP
2.7.06. BGP Aggregation
2.7.07. BGP Aggregation with the Summary Only Parameter
2.7.08. BGP Aggregation with Suppress Maps
2.7.09. BGP Aggregation with Unsuppress Maps
2.7.10. BGP Best-Path Selection – Weight
2.7.11. BGP Best-Path Selection – Local Preference
2.7.12. BGP Best-Path Selection – MED
2.7.13. BGP Communities – No-Export
2.7.14. BGP Communities – No-Advertise
2.7.15. BGP Confederation
2.7.16. BGP Local AS
2.7.17. Working with Private AS Numbers
2.7.18. Route Dampening
2.7.19. Conditional Advertising
2.7.20. Peer Groups
2.8 Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
3.0
Implementing IPv6 - Configuring and Troubleshooting IPv6
3.1. IPv6
3.1.1. IPv6 Addresses
3.1.2 RIPng
3.1.2. OSPFv3
3.1.3. EIGRPv6
3.1.4. IPv6 Tunneling
3.1.5. IPv6 on a Frame Relay Network – Multipoint
3.1.6. IPv6 on a Frame Relay Network – Point-to-Point
3.1.7. Route Filtering with a Distribute List Using an ACL and Prefix Lists
3.1.8. Route Redistribution Between OSPFv3 and EIGRPv6
4.0
Implementing MPLS - Configuring and Troubleshooting MPLS
4.1. MPLS Unicast Routing
4.1.1. MPLS Unicast Routing Using LDP
4.1.2. Controlling Label Distribution
4.2. MPLS VPN
4.2.1. MPLS VPN Using Static Routing Between PE-CE
4.2.2. MPLS VPN Using EIGRP as the PE-CE Routing Protocol
4.2.3. MPLS VPN Using OSPF as the PE-CE Routing Protocol
4.2.4. MPLS VPN Using EBGP as the PE-CE Routing Protocol
4.2.5. Controlling Route Propagation Using the Route Target with Import and Export Maps
4.3. VRF-Lite
4.3.1. VRFs at the Customer Sites Using VRF-Lite
5.0
Implementing IP Multicast - Configuring and Troubleshooting IP Multicast
5.1. PIM and Bidirectional PIM
5.1.1. PIM Dense Mode
5.1.2. PIM on an NMBA Network
5.1.3. PIM Sparse Mode – Static Rendezvous Point
5.1.4. PIM Sparse Mode – Multiple Static Rendezvous Points
5.1.5. PIM Sparse Mode – Auto Rendezvous Point
5.1.6. PIM Sparse Mode with Multiple Rendezvous Points Using the Auto Rendezvous Point
5.1.7. Bidirectional PIM
5.2. MSDP
5.2.1. MSDP
5.2.2. MSDP to an Anycast Rendezvous Point
5.3. Multicast Tools
5.3.1. Multicast Rate Limiting
5.3.2. IGMP Filtering on the Switch
5.3.3. Use of the Switch to Block Multicast Traffic
5.3.4. Multicasting Through a GRE Tunnel
5.3.5. Multicast Helper Address
5.4. IPv6 Multicast
5.4.1. IPv6 Multicast Routing Using PIM
5.4.2. IPv6 Multicast Listener Discovery (MLD) Protocol
6.0
Implementing Network Security - Configuring and Troubleshooting Network Security
6.1. AAA and Security Server Protocols
6.1.1. Use of a Router to Authenticate Against a AAA Server Using TACACS+
6.1.2. Use of a Router to Authenticate Against a AAA Server Using RADIUS
6.1.3. Local Privilege Authorization
6.1.4. Accounting to a AAA Server Using TACACS+
6.1.5. Accounting to a AAA Server Using RADIUS
6.2. Access Lists
6.2.1. Standard Access Lists
6.2.2. Extended Access Lists
6.2.3. Time-Based Access Lists
6.2.4. Reflexive Access Lists
6.3. Routing Protocol Security
6.3.1. Routing Protocol Authentication for EIGRP
6.3.2. Routing Protocol Authentication for OSPF – Area-Wide
6.3.3. Routing Protocol Authentication for OSPF – Interface-Specific
6.3.4. Routing Protocol Authentication for OSPF Virtual Links
6.3.5. Routing Protocol Authentication for BGP
6.4. Catalyst Security
6.4.1. Storm Control
6.4.2. Switch Port Security
6.4.3. Dot1x Authentication
6.4.4. Dot1x Authentication for VLAN Assignment
6.4.5. VLAN Access Maps
6.4.6. DHCP Snooping
6.4.7. DAI
6.4.8. IP Source Guard
6.4.9. Private VLANs
6.5. Cisco IOS and Zone-Based Firewalls
6.5.1. Basic Cisco IOS Firewall
6.5.2. DoS Protection on a Cisco IOS Firewall
6.5.3. Basic Zone-Based Firewall
6.5.4. Zone-Based Firewall with Deep Packet Inspection
6.6. NAT
6.6.1. Dynamic NAT
6.6.2. PAT
6.6.3. Static NAT
6.6.4. Static PAT
6.6.5. Policy-Based NAT
6.7. Other Security Features
6.7.1. Configuring the TCP Intercept Feature
6.7.2. Configuring Blocking of Fragment Attacks
6.7.3. Configuring Switch Security Features
6.7.4. Configuring Antispoofing Using an ACL
6.7.5. Configuring Antispoofing Using uRPF
6.7.6. SSH on Routers and Switches
6.7.7. Cisco IOS IPS
6.7.8. Controlling Telnet and SSH Access to the Router and Switch
7.0
Implementing Network Services - Configuring and Troubleshooting Network Services
7.1. DHCP
7.1.1. Configuring DHCP on a Cisco IOS Router
7.1.2. Configuring DHCP on a Switch
7.1.3. Using a Router and a Switch to Act as a DHCP Relay Agent (Helper Address)
7.2. HSRP
7.2.1. HSRP Between Two Routers
7.2.2. Pre-empt for HSRP
7.2.3. Authentication for HSRP
7.2.4. VRRP
7.2.5. GLBP
7.3. IP Services
7.3.1. Use of the Router for WCCP
7.3.2. Use of the Router to Generate an Exception Dump Using TFTP
7.3.3. Use of the Router to Generate an Exception Dump Using FTP
7.3.4. Use of the Router to Generate an Exception Dump Using RCP
7.3.5. Broadcast Forwarding for Protocols
7.4. System Management
7.4.1. Telnet Management on the Router and Switch
7.4.2. SSH Management on the Router and Switch
7.4.3. Disabling Telnet and the SSH Client on the Switch
7.4.4. HTTP Management on the Router and Switch
7.4.5. Controlling HTTP Management on the Router and Switch
7.5. NTP
7.5.1. NTP Using the NTP Master and NTP Server Commands
7.5.2. NTP Without Using the NTP Server
7.5.3. NTP Using NTP Broadcast Commands
8.0
Implementing QoS - Configuring and Troubleshooting QoS
8.1. Classification
8.1.1. Marking Using DSCP
8.1.2. Marking Using IP Precedence
8.1.3. Marking Using CoS
8.2. Congestion Management and Congestion Avoidance
8.2.1. Priority Queuing
8.2.2. Custom Queuing
8.2.3. Weighted Fair Queuing
8.2.4. WRED
8.2.5. RSVP
8.3. Policing and Shaping
8.3.1. CAR Using Rate Limiting Under the Interface
8.3.2. Frame Relay Traffic Shaping Using Map Classes
8.3.3. Discard Eligible List
8.4. Link Efficiency Mechanisms
8.4.1. Compression
8.4.2. Link Fragmentation and Interleaving (LFI) for Frame Relay
8.5. Modular QoS CLI
8.5.1. Policing
8.5.2. Class-Based Weighted Fair Queuing (CB-WFQ)
8.5.3. Low Latency Queuing (LLQ)
8.5.4. Shaping Using MQC
8.5.5. Random Early Detection Using MQC
8.5.6. WRED Using MQC
8.5.7. Using NBAR for QoS
8.5.8. Discard Eligible Marking Using MQC
8.6. Catalyst QoS
8.6.1. SRR on the Catalyst Switch
9.0
Troubleshooting a Network - Troubleshooting Network-Wide Connectivity Issues
9.1. Troubleshooting Layer 2 Problems
9.1.1. Troubleshooting Catalyst Switch Network Issues
9.1.2. Troubleshooting Frame Relay Network Issues
9.2. Troubleshooting Layer 3 Problems
9.2.1. Troubleshooting IP Addressing Network Issues
9.2.2. Troubleshooting Routing Protocol Network Issues
9.2.3. Troubleshooting Routing Protocol Loop Issues
9.3. Troubleshooting Application Problems
9.3.1. Determining Which Aspects of the Network to Troubleshoot to Determine Network Functionality (Given a Set of Symptoms)
9.4. Troubleshooting Network Services
9.4.1. Troubleshooting Misconfigured NTP Setup
9.4.2. Troubleshooting Misconfigured DHCP Setup
9.4.3. Troubleshooting Misconfigured Telnet and SSH Setup
9.4.4. Troubleshooting Misconfigured SNMP Setup
9.5. Troubleshooting Security Services
9.5.1. Troubleshooting Misconfigured ACLs
9.5.2. Troubleshooting Misconfigured NAT
9.5.3. Troubleshooting Misconfigured AAA Services
10.0
Optimizing a Network - Configuring and Troubleshooting Optimization of a Network
10.1. Logging In
10.1.1. Logging into a Remote Syslog Server
10.1.2. Logging into the Internal Buffer
10.2. SNMP
10.2.1. Use of a Router to Communicate to an SNMP Management Station
10.2.2. Use of a Router to Generate SNMP Traps
10.3. RMON
10.3.1. Use of a Router to Generate SNMP Traps Using RMON
10.4. Accounting
10.4.1. IP Accounting
10.5. SLA
10.5.1. IP SLA
10.6. Implementing Network Services on the Routers
10.6.1. Use of a Router as an FTP Server
10.6.2. Use of a Router as a TFTP Server
10.6.3. Cisco IOS Embedded Event Manager
10.6.4. NetFlow
10.6.5. HTTP and HTTPS on a Router
10.6.6. Telnet on a Router
10.6.7. Implementing Secure Copy Protocol (SCP) on a Router
Cisco Revising CCIE R&S Certification - Announcement and FAQ
Cisco Revising CCIE R&S Certification
UPDATE: CCIE R&S v4.0 Exams Released
Effective October 19, 2009 Cisco CCIE® Routing and Switching v4.0 certification exams are available in all testing locations worldwide. The competencies required for CCIE R&S v4.0 certification can be found by reviewing the CCIE R&S v4.0 written exam topics and CCIE R&S v4.0 lab exam topics.
Both the written and lab exams have been refreshed with new questions covering MPLS and VPN networking. The written exam includes new scenario-based questions. The lab exam now requires hands-on troubleshooting of preconfigured networks, in addition to configuration.
Read the Blog on this topic: Thoughts on New CCIE R&S v4.0 Certification
The announcement below was made on May 5, 2009.
To reflect the growth of the network as a service platform, Cisco is revising the certification requirements for CCIE Routing & Switching (CCIE R&S)–the expert level certification for network engineers. The new requirements were developed with assistance from Cisco enterprise customers and reflect the expectations of employers across industries.
The competencies required for CCIE R&S v4.0 certification were released on May 5, 2009, and are available on the Cisco Learning Network under the CCIE R&S v4.0 Written Exam topics and CCIE R&S v4.0 Lab Exam topics. Exams based on the new requirements are scheduled for release on October 18, 2009, and will immediately replace the currently available v3.0 exams. Candidates who plan to take their exams on October 18, 2009, or later should prepare using the new v4.0 exam topics.
Both the written and lab exams will be refreshed with new questions and will cover MPLS and VPN networking. The written exam will add scenario-based questions to the multiple choice questions, and the lab will now require hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD$350 and the eight-hour lab at USD$1400.
A beta version of the new CCIE R&S v4.0 written exam (351-001) will be available to all customers in the July–August 2009 timeframe at a discounted price of USD$50. An announcement will be made when scheduling begins.
Cisco 360 Learning Program Updates Available
Cisco 360 Learning Program components aligned to the new CCIE R&S certification standards will be available on May 11, 2009. All current students will have access to the new materials throughout their subscription period. New materials include additional lessons on MPLS and troubleshooting, enhanced coverage of these topics in the instructor-led workshops, an updated Practice Lab Workbook for self-paced practice, and new Performance Assessments that gauge skill level and offer mentoring feedback.
CCIE Assessor, the first CCIE R&S practice lab, will be retired on June 5, 2009, and will be replaced by the 10 eight-hour assessment labs available through the Cisco 360 Learning Program. Find out more
Frequently Asked Questions
1 - Q: What exactly is being changed on the CCIE R&S written exam?
A: The CCIE R&S v4.0 written exam will be refreshed with new questions to reflect the current job role expectations of employers. Scenario-based questions will be added to the multiple choice questions. New topics include the skills associated with planning and evaluating network changes, implementing MPLS, Layer 3 VPN, IPv6, EIGRP and multicast; and configuring performance-based routing. More information is available on the CCIE Written Exam Overview page.
2 - Q: What exactly is being changed on the CCIE R&S lab exam?
A: The CCIE R&S v4.0 lab exam will be refreshed with new questions to reflect the current job role expectations of employers. The equipment in the testing lab will be updated with Cisco 1800 and 3800 Series Integrated Services Routers running Cisco IOS® Software Version 12.4(T) and Cisco Catalyst® 3560 Series Switches running Cisco IOS Version 12.2 Advanced IP Services. The biggest change will be the testing of hands-on troubleshooting for the first two hours of the eight-hour exam. Candidates will be presented with a series of trouble tickets for preconfigured networks, and they will need to diagnose and resolve the network fault or faults—a realistic and challenging job task. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section, since their equipment will need to be reinitialized for the configuration portion of the exam.
To make time for new material, CCIE R&S v4.0 exams will put less emphasis on equipment operation and concepts generally understood at the professional level. These skills are still assumed, but will not be the sole objective of CCIE test questions. Go to the Lab Exam Study/Learn section for more information.
3 - Q: Now that the CCIE R&S v4.0 has been announced, can I still take the CCIE R&S v3.0 exam? How long will it be valid?
A: The CCIE R&S v3.0 written exam will be available through October 17, 2009, at all Pearson VUE testing centers. Passing the v3.0 written exam qualifies a candidate to take any available version of the CCIE R&S lab exam. As with all CCIE written exams, a passing score on v3.0 written exam will remain valid for three years, as long as the candidate attempts the lab exam once within the first 18 months. If the lab is not attempted, the written exam becomes invalid and the candidate will have to retest using whatever written exam is available at that time.
4 - Q: If I take the CCIE R&S written beta test in July or August 2009, will I still be able to schedule the CCIE R&S v3.0 lab exam?
A: Scores on CCIE written beta tests are not available until 4 to 6 weeks after the close of the beta period. At this time, there is no guarantee the CCIE R&S v3.0 lab exam will still be available when a beta test candidate receives his or her score. Beta testers should plan on taking the CCIE R&S v4.0 lab test to achieve certification.
5 - Q: If I don’t pass the CCIE R&S v4.0 written beta exam, can I take it again in five days?
A: No, a candidate can only take a CCIE written beta test once during the beta testing period.
6 - Q: Will there be any changes to the recently-added Core Knowledge portion of the exam, the part with the short-answer questions?
A: The questions in the Core Knowledge section of the lab exam may cover any area on the CCIE R&S v4.0 Lab Exam topics.
7 - Q: What can a candidate expect in the troubleshooting portion of the lab exam?
A: Troubleshooting is allotted two of the eight hours required for the CCIE lab exam. Candidates will be presented with a series of trouble tickets for preconfigured networks and will need to diagnose and resolve the fault or faults. As with previous CCIE labs, the network will need to be up and running for the candidate to receive credit. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section.
8 - Q: Does a candidate have to pass both the troubleshooting and configuration sections in order to pass the entire CCIE R&S v4.0 lab exam and earn a CCIE?
A: Candidates will receive a single pass/fail grade on the entire exam, including both configuration and troubleshooting. Failing score reports will give an indication of where the candidate scored lower, to help the candidate prepare for another attempt.
9 - Q: Will the CCIE R&S mobile lab exam also be updated?
A: Yes, CCIE R&S mobile labs use the same lab version as Cisco office locations, and they will switch to the v4.0 lab exam on October 18, 2009 as well.
10 - Q: Which exam will be used for recertification?
A: As of October 18, 2009, CCIEs who take the CCIE R&S written exam for recertification will be given the v4.0 exam and should prepare using the exam topics found on the Cisco Learning Network.
11 - Q: Are the previous Cisco 360 components applicable to the CCIE R&S v4.0 exams? Should candidates studying for CCIE R&S v4.0 exams wait for the new Cisco 360 materials to begin work?
A: The learning components available at first launch of Cisco 360 are still relevant to candidates studying for the CCIE R&S v4.0 certification exams. No Cisco 360 Learning Program components are being retired. There is no need for candidates to wait for revised Cisco 360 material to begin their study and practice. The subscription model ensures that Cisco 360 customers can take advantage of all new content as it is released and do not need to wait.
Tags: ccie_routing_and_switching, ccie_r&s, new_ccie, cciers, ccie_rs, new_version
UPDATE: CCIE R&S v4.0 Exams Released
Effective October 19, 2009 Cisco CCIE® Routing and Switching v4.0 certification exams are available in all testing locations worldwide. The competencies required for CCIE R&S v4.0 certification can be found by reviewing the CCIE R&S v4.0 written exam topics and CCIE R&S v4.0 lab exam topics.
Both the written and lab exams have been refreshed with new questions covering MPLS and VPN networking. The written exam includes new scenario-based questions. The lab exam now requires hands-on troubleshooting of preconfigured networks, in addition to configuration.
Read the Blog on this topic: Thoughts on New CCIE R&S v4.0 Certification
The announcement below was made on May 5, 2009.
To reflect the growth of the network as a service platform, Cisco is revising the certification requirements for CCIE Routing & Switching (CCIE R&S)–the expert level certification for network engineers. The new requirements were developed with assistance from Cisco enterprise customers and reflect the expectations of employers across industries.
The competencies required for CCIE R&S v4.0 certification were released on May 5, 2009, and are available on the Cisco Learning Network under the CCIE R&S v4.0 Written Exam topics and CCIE R&S v4.0 Lab Exam topics. Exams based on the new requirements are scheduled for release on October 18, 2009, and will immediately replace the currently available v3.0 exams. Candidates who plan to take their exams on October 18, 2009, or later should prepare using the new v4.0 exam topics.
Both the written and lab exams will be refreshed with new questions and will cover MPLS and VPN networking. The written exam will add scenario-based questions to the multiple choice questions, and the lab will now require hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD$350 and the eight-hour lab at USD$1400.
A beta version of the new CCIE R&S v4.0 written exam (351-001) will be available to all customers in the July–August 2009 timeframe at a discounted price of USD$50. An announcement will be made when scheduling begins.
Cisco 360 Learning Program Updates Available
Cisco 360 Learning Program components aligned to the new CCIE R&S certification standards will be available on May 11, 2009. All current students will have access to the new materials throughout their subscription period. New materials include additional lessons on MPLS and troubleshooting, enhanced coverage of these topics in the instructor-led workshops, an updated Practice Lab Workbook for self-paced practice, and new Performance Assessments that gauge skill level and offer mentoring feedback.
CCIE Assessor, the first CCIE R&S practice lab, will be retired on June 5, 2009, and will be replaced by the 10 eight-hour assessment labs available through the Cisco 360 Learning Program. Find out more
Frequently Asked Questions
1 - Q: What exactly is being changed on the CCIE R&S written exam?
A: The CCIE R&S v4.0 written exam will be refreshed with new questions to reflect the current job role expectations of employers. Scenario-based questions will be added to the multiple choice questions. New topics include the skills associated with planning and evaluating network changes, implementing MPLS, Layer 3 VPN, IPv6, EIGRP and multicast; and configuring performance-based routing. More information is available on the CCIE Written Exam Overview page.
2 - Q: What exactly is being changed on the CCIE R&S lab exam?
A: The CCIE R&S v4.0 lab exam will be refreshed with new questions to reflect the current job role expectations of employers. The equipment in the testing lab will be updated with Cisco 1800 and 3800 Series Integrated Services Routers running Cisco IOS® Software Version 12.4(T) and Cisco Catalyst® 3560 Series Switches running Cisco IOS Version 12.2 Advanced IP Services. The biggest change will be the testing of hands-on troubleshooting for the first two hours of the eight-hour exam. Candidates will be presented with a series of trouble tickets for preconfigured networks, and they will need to diagnose and resolve the network fault or faults—a realistic and challenging job task. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section, since their equipment will need to be reinitialized for the configuration portion of the exam.
To make time for new material, CCIE R&S v4.0 exams will put less emphasis on equipment operation and concepts generally understood at the professional level. These skills are still assumed, but will not be the sole objective of CCIE test questions. Go to the Lab Exam Study/Learn section for more information.
3 - Q: Now that the CCIE R&S v4.0 has been announced, can I still take the CCIE R&S v3.0 exam? How long will it be valid?
A: The CCIE R&S v3.0 written exam will be available through October 17, 2009, at all Pearson VUE testing centers. Passing the v3.0 written exam qualifies a candidate to take any available version of the CCIE R&S lab exam. As with all CCIE written exams, a passing score on v3.0 written exam will remain valid for three years, as long as the candidate attempts the lab exam once within the first 18 months. If the lab is not attempted, the written exam becomes invalid and the candidate will have to retest using whatever written exam is available at that time.
4 - Q: If I take the CCIE R&S written beta test in July or August 2009, will I still be able to schedule the CCIE R&S v3.0 lab exam?
A: Scores on CCIE written beta tests are not available until 4 to 6 weeks after the close of the beta period. At this time, there is no guarantee the CCIE R&S v3.0 lab exam will still be available when a beta test candidate receives his or her score. Beta testers should plan on taking the CCIE R&S v4.0 lab test to achieve certification.
5 - Q: If I don’t pass the CCIE R&S v4.0 written beta exam, can I take it again in five days?
A: No, a candidate can only take a CCIE written beta test once during the beta testing period.
6 - Q: Will there be any changes to the recently-added Core Knowledge portion of the exam, the part with the short-answer questions?
A: The questions in the Core Knowledge section of the lab exam may cover any area on the CCIE R&S v4.0 Lab Exam topics.
7 - Q: What can a candidate expect in the troubleshooting portion of the lab exam?
A: Troubleshooting is allotted two of the eight hours required for the CCIE lab exam. Candidates will be presented with a series of trouble tickets for preconfigured networks and will need to diagnose and resolve the fault or faults. As with previous CCIE labs, the network will need to be up and running for the candidate to receive credit. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section.
8 - Q: Does a candidate have to pass both the troubleshooting and configuration sections in order to pass the entire CCIE R&S v4.0 lab exam and earn a CCIE?
A: Candidates will receive a single pass/fail grade on the entire exam, including both configuration and troubleshooting. Failing score reports will give an indication of where the candidate scored lower, to help the candidate prepare for another attempt.
9 - Q: Will the CCIE R&S mobile lab exam also be updated?
A: Yes, CCIE R&S mobile labs use the same lab version as Cisco office locations, and they will switch to the v4.0 lab exam on October 18, 2009 as well.
10 - Q: Which exam will be used for recertification?
A: As of October 18, 2009, CCIEs who take the CCIE R&S written exam for recertification will be given the v4.0 exam and should prepare using the exam topics found on the Cisco Learning Network.
11 - Q: Are the previous Cisco 360 components applicable to the CCIE R&S v4.0 exams? Should candidates studying for CCIE R&S v4.0 exams wait for the new Cisco 360 materials to begin work?
A: The learning components available at first launch of Cisco 360 are still relevant to candidates studying for the CCIE R&S v4.0 certification exams. No Cisco 360 Learning Program components are being retired. There is no need for candidates to wait for revised Cisco 360 material to begin their study and practice. The subscription model ensures that Cisco 360 customers can take advantage of all new content as it is released and do not need to wait.
Tags: ccie_routing_and_switching, ccie_r&s, new_ccie, cciers, ccie_rs, new_version
Tuesday, May 25, 2010
CCIE
Cisco Certified Internetwork Expert
Expert Level Knowledge and ExperienceCisco CCIE |  |
Cisco Announces New Service Provider Operations TrackCisco 360 Learning ProgramCore Knowledge Removed for CCIE R&S and VoiceNew! CCIE Dubai Lab LocationThe CCIE lab in Dubai has relocated to a new facility. Effective November 22, 2009, CCIE lab candidates testing in the Dubai test center should report to the new facility located at: Cisco Systems Dubai
New! CCIE R&S Certification v 4.0 Exams Now Available Effective October 19, 2009 Cisco CCIE® Routing and Switching v4.0 certification exams are available in all testing locations worldwide. The competencies required for CCIE R&S v4.0 certification can be found on the Cisco Learning Network under CCIE R&S v4.0 written exam topics and CCIE R&S v4.0 lab exam topics in the CCIE R&S section of the site. Both the written and lab exams have been refreshed with new questions covering MPLS and VPN networking. The written exam includes new scenario-based questions. The lab exam now requires hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD $350 and the eight-hour lab at USD $1400. Introducing Cisco Lab Safe, a Training Investment Assurance PromotionRefresh of CCIE Security Lab Exam is Now LiveEffective April 20, 2009, important content changes have been implemented in the CCIE Security Lab exam. Candidates should prepare using the v3.0 Lab Equipment and Software versions and v3.0 Blueprint. After April 20, 2009, students should no longer use the v2.0 Lab Equipment and Software versions and v2.0 blueprint as they have formally reached end of life. Updates to the CCIE Lab and Written Exam Question Format and ScoringEffective February 1, 2009, Cisco will introduce a new type of question format to CCIE Routing and Switching lab exams. In addition to the live configuration scenarios, candidates will be asked a series of four or five open-ended questions, on the computer screen, drawn from a pool of questions based on the material covered on the lab blueprint. No new topics are being added. Candidates will also see two other changes to the CCIE written exams. Effective February 17th, 2009, candidates will be required to answer each question before moving on to the next question. In other words, candidates will no longer be allowed to skip a question and come back to it at a later time. Finally, there will be an update to the overall score report. The overall exam score and the exam passing score will now be reported on a scale from 300-1000. To find out more information regarding updates to the CCIE Lab and scoring format, access the CCIE Q&A session in the link below. Introducing the Cisco 360 Learning Program for CCIE Routing and Switching Designed with high-potential network professionals in mind, the Cisco 360 Learning Program for CCIE Routing and Switching is a comprehensive, blended learning program designed to accelerate expert-level competency and provide the skills and training needed to prepare candidates for the rigorous CCIE Routing and Switching exam. Find out more about the Cisco 360 Learning Program for CCIE Routing and Switching. Test Preparation Tools News & AnnouncementsCore Knowledge Removed for CCIE R&S and Voice 10 May 2010 Beginning May 10, 2010, CCIE R&S and CCIE Voice lab exams in all global locations will no longer include the four, open-ended Core Knowledge questions. New CCIE Exam Preparation Checklists 05 April 2010 Additional tools to help you prepare for your lab exam. Additional CCIE Training Options and Core Knowledge Waiver 16 March 2010 Beginning April 1, 2010, students who attend a Cisco 360 Learning Program workshop may request a waiver for the Core Knowledge section of the CCIE R&S or the CCIE Voice lab exam. Cisco Introduces New CCNP Wireless Certification 30 June 2009 CCNP Wireless certification recognizes the critical importance of professionals who support and manage Cisco wireless LANs and networks. CCIE Voice Lab Exam Adding Short Answer Questions 15 June 2009 Effective July 16, 2009, the new CCIE Voice Lab Exam v3.0 will be live for test candidates. Also effective July 16, 2009, the Cisco CCIE Voice Lab Exam will feature a new type of question format in a section called Core Knowledge. CCIE Security Lab Exam Adding Short Answer Questions 15 May 2009 Effective June 15, 2009, the Cisco CCIE Security lab exam will feature a new type of question format in a section called Core Knowledge. Cisco Revising CCIE R&S Certification 05 May 2009 Cisco has revised the certification requirements for CCIE R&S and published the new v4.0 standards (formerly known as blueprints) on the Cisco Learning Network. Refresh of CCIE Security Lab Exam is Now Live 20 Apr 2009 Effective April 20, 2009, important content changes have been implemented in the CCIE Security Lab exams. Candidates for lab exams scheduled April 20, 2009 or later should prepare using the v3.0 Lab Equipment and Software versions. Cisco Refreshes Lab Portion of its Popular CCIE Voice Exam 12 Mar 2009 To meet the needs of today's expert-level voice services professionals, Cisco has refreshed the lab portion of its popular CCIE Voice certification. Policy Change to Payment for CCIE Labs 29 Aug 2008 In effort to improve the availability of CCIE lab exams Cisco has updated the CCIE lab payment process. CCIE labs changing from UniversCD to Cisco Documentation 22 Aug 2008 On Sept 24 2008 CCIE labs will no longer support using the UniversCD documentation for the lab exam. CCIE Storage written exam beta available April 3 03 Mar 2008 Beginning April 3, 2008, a beta version of the new CCIE Storage qualification exam will be available at all testing centers for a reduced price. |
CCIE Success Stories
CCIE Success Stories
Share your CCIE success story with the IEOC in this forum!
![Pizza [pi]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ssE0EdHMV93vH0f9d-VOatvpfWTGNp6i0Ld2BkImswaDNLrrmo24vILXGTrJy7bjmh6VdtTaqLgPzLVYSyAJxMTO2RuttuooBoZw=s0-d)
Subscribe to:
Posts (Atom)