I have decided now to take the CCIE security exam. I was searching resources for this exam. The first thing that i got is, the Cisco documentations that are very helpful and obviously relevant to the subject’s objectives.

I went through the objectives of the paper structure and then figured out some important topics such as algorithms, network devices, I searched them on Cisco’s Website and I got treasure of information. These information can help you a lot whether you taking security or any other networking certification of Cisco or other vendors.

I also have found a book for CCIE security that is authorized by Cisco.

CCIE Security

Today in the morning, I was researching on some security certifications and went through Cisco’s certification information.

I saw there many certifications including security certifications. The certification, that I got attracted to is CCIE SECURITY which is one of the most advanced security certification in current time. I am interested to take 350-018 exam now. It will definitely help an aspirant to have a great amount of knowledge of securing a network.

I also go to the sites where I can get guidance for certifications, such as brain dumps, pass4sure and many more. But truly, they provide real exam questions that might come for only one time in an exam. If you really want to have knowledge of these fields you should study yourself, this will enhance your knowledge.

You will wonder to know that I have found a site which really helps you for self-study. They are about to release their new guidance kit on CCIE Security. I have pre-ordered the kit when I went through this site.

This site provides facts, how to’s, scenarios, simulations. Based on the author’s self-study.

This site also claims that if you get failed in your exam they will pay back your money without any questions. You have to do just one thing that mail your marks sheet to the site. There is no time limit for claiming payback. You can inform them at any time and they will refund….It’s great. Will give more info regarding this paper in my next post…

Enjoy reading.

I was digging deep in amazon for some useful books. I found one very rare species of book. I will explain how it is rare, consider you wanted to prepare for an exam dedicated on Hacking lets take Computer hacking forensic investigator (CHFI). For the preparation you will consult dozens of books to complete distributed topics of the exam. You waste lots of time to find out the relevant matter and then concentrate hard on the matter. Every write have different art of writing and you have to adjust according to the all of them.

Now, consider different scenario. You wanted to prepare for the same exam and while looking for the book you find out a study guide, which is dedicated to this very paper. This book covers each and every topic come in exam. And the best part, it contains practice questions to test your skill on the subject.

Its a boon for the certification seekers. I am sharing the information to all my readers. Happy reading.

Find the link of book here.

I am preparing for the GCIH exam and sweat comes to my feet while gathering information about this exam. I managed to acquire all possible information and it takes almost two full days. Then I decided, I am not gonna let anybody sweat like this. In this post you will find everything and Anything you want to know about the GCIH exam. Please feel free to add your information and ideas.

Q. What is the GIAC Certified Incident Handler (GCIH) exam?
A. GIAC Certified Incident Handler (GCIH) is a vendor-neutral certification that validates an individual’s understanding for incident handling/incident response; individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.

Q. What are the prerequisites for the GIAC Certified Incident Handling (GCIH) exam?
A. There is no prerequisite for the GCIH exam.

Q. What are the benefits of becoming a GIAC Certified Incident Handling (GCIH)?
A. A GCIH-certified candidate can work as an Incident Handler, e-Business Security professional, Systems administrator, Legal professional, IT manager, etc. Numerous corporate sectors are recruiting Incident Handlers to protect their digital infrastructure and to take appropriate steps against security breaches and other computer-related crimes within an organization.

Q. What credit does the GIAC Certified Incident Handling (GCIH) exam provide?
A. Passing the GCIH exam provides the GIAC Certified Incident Handler certification.

Q. How many questions are asked in the test?
A. This test consists of multiple-choice questions. There are no case study type questions, and the test is not adaptive. You will be required to attempt one hundred and fifty (150) questions.

Q. What is the duration of the test?
A. Candidates are required to attempt all questions in 240 minutes (4 hours).

Q. Which type of test is it? (Adaptive/Linear)
A. Linear

Q. What is the passing score?
A. 72.7% (109 of 150 questions) is the minimum passing score.

Q. What is the test retake policy?
A. If you fail a GIAC Certification Exam, you may purchase a retake for the cost $199 by clicking on the “buy retake” link, under the “certification attempts” section in the GIAC exam engine area of your portal account. Once purchased, retakes are non-refundable.

A retake will extend your final certification attempt deadline by one month and your adjusted deadline will be displayed in your Exam Engine.

If you do not purchase the retake before your expiration date arrives, you will need to purchase an extension, and then purchase the retake. Please see the information on extensions below. Your access to any associated practice tests and/or audio files will be automatically extended to match your certification deadline.

Q. Where can I take the test?
A. The primary method for taking a proctored exam is through our testing partner KRYTERION.

Q. What is the exam fee?
A. The cost of the GCIH certification attempt is $899 and recertification attempts are $325.

We remember the warriors of the war, who placed the foundation stone of our country. My friend who is in military services always said to me “Adam, Life ain’t like that. Dying in battle is the best part of life.” I still pay him homage. While I was digging Internet for new certification courses, I came up with a very decent and thoughtful discount offer from one of my favorite Website. uCertify.com

They are giving simple offer: ANY 3 Prepkits for $179.99. That’s just $59.99 each!

Its better to go to their blog and find out more detail. Click here to go on ucertify blog.

I was start liking computers when theory of Y2K hit us. It created chaos that didn’t last long. Everything stay tuned and work fine. This time another theory hit us with proclaiming greater destruction in real time scenario.

Welcome to the 2038 Bug theory.

The year 2038 problem, we all call it as Unix Millennium Bug,or Y2K38 as our private joke. It expects cause some computer software to fail before or in the year 2038. The problem affects all software and systems that store system time as a signed 32-bit integer, and interpret this number as the number of seconds since 00:00:00 UTC on Thursday, 1 January 1970. The farthest time that can be represented this way is 03:14:07 UTC on Tuesday, 19 January 2038. Times beyond this moment will “wrap around” and be stored internally as a negative number, which these systems will interpret as a date in 1901 rather than 2038. This will likely cause problems for users of these systems due to erroneous calculations.

Further, while most programs will only be affected in or very close to 2038, programs that work with future dates will begin to run into problems much sooner. For example, a program that works with dates 20 years in the future will have to be fixed no later than in 2018.

Because most 32-bit Unix-like systems store and manipulate time in this format, it is usually called Unix time, and so the year 2038 problem is often referred to as the Unix Millennium Bug. However, any other non-Unix operating systems and software that store and manipulate time this way will be just as vulnerable.

I find one website very informative about this Y2K38 theory, even if I have taken the image of the bug from this site. Find it here.

I will ask you to google it and I am sure you will find interesting facts round the corner. Lets wait for it.

Find one very good graphical description of Y2K38 problem on Wikipedia. Look at it.

Firewall is used to protect the network from external attacks by hackers. Firewall prevents direct communication between computers in the network and the external computers, through the Internet. Instead, all communication is done through a proxy server, outside the organization s network, which decides whether or not it is safe to let a file pass through. The term firewall now denotes a component or set of components that restrict access, protects, and filters the content passing through a protected network from the Internet. Firewalls can protect a network by screening out harmful files or data from within or outside and prevent its clients from accessing prohibited or harmful websites. The use of a firewall on a router is possible. A number of different router brands or designs like the CISCO collection of routers have options on setting up a basic firewall. A router is a device that diverts or routes information along a specified network.

What you will need in the process:

• Router
• Computer

Here we goes with the steps:

Step 1

Choose a router best suited for the computer. There are different types of firewalls that suit different kinds of computers and routers that cater to a user’s specific needs.

Step 2

It is a must to understand a basic firewall. Most routers incorporate a pre-configured basic firewall sufficient for most common needs. This basic firewall is generally adequate to protect the network while allowing the clients of the network appropriate access to be productive. Some users have specific needs that require an advanced degree of customized firewall configuration. Because of this, a router sometimes includes a filter set editor that can make a custom firewall set suitable to answering the specific needs of individual users.

Step 3
To further understand a firewall, some firewall terms must be defined. A host is a computer unit on a network. A packet is a unit of communication on the network and is filtered by packet filters. Packet filters allow or deny packets depending on source or destination IP addresses, the TCP ACK bit or TCP, or UDP ports. The port is a number that defines a particular type of service. The filter rule is a filter set comprised of individual filter rules while a filter set is a group of individual filter rules.

Step 4

Set up a basic firewall on your router. Usually, a firewall is activated by accessing the “Connection Profile” option on the “Quick Menus”. Change Connection Profiles into “IP Profile Parameters then “Filter Set”. This basic firewall will allow traffic originating from the Local Area Network (LAN) to move out and prevent traffic from moving in unless requested by the LAN. You may also check your Router User’s Manual for additional details not found here.

Step 5

Configure your basic firewall according your preference.

Below is the example of configuring CISCO ASA as a transparent firewall……. May be this is not related to the topic directly but will help to understand the procedure.

Hackers did it again. After jail breaking now they are running Android from Google on Apple’s iPhone.

To add to the iDroid experience, the developers have also brought in the menu tab, meaning you can drag it across the screen to access the iPhone menu.

And to take things even further, the dial pad has been re-jigged to use the Hero’s larger buttons, so fat-fingered iPhone users can now rejoice.

Admittedly you have to have a jailbroken iPhone to use it, but for everyone secretly wishing their Apple device has the superior functionality of the Android interface, this theme could be the one for you.”

Google’s Android Platform is hardware agnostic which means that in theory, Android should be able to run on Apple’s iPhone just like Windows Vista strolls casually on Apple Macbook hardware.

And there are plenty of reasons why this could/should happen: Android could soon have a wealth of developers coding feverishly for the platform and Apple’s iPhone is by far the most desirable smartphone available.

The iPhone uses a variant of the Mach Kernel found in the Mac OS X and runs with the help of a 3D accelerator from PowerVR. It is powered by a proper CPU, shouldered by 128MB memory and 16GB of hard disk space.

This video will show more…..

Its just amazing, mesmerazing chain of events created by nature is avaliable to us. Thanks to Hubble telescope that made it possible. I stand in the obligation for it and want to share a beautyful picture taken by the same telescope. Its divine.

NASA’s Hubble Space Telescope image captures the chaotic activity atop a three-light-year-tall pillar of gas and dust that is being eaten away by the brilliant light from nearby bright stars. The pillar is also being assaulted from within, as infant stars buried inside it fire off jets of gas that can be seen streaming from towering peaks. This turbulent cosmic pinnacle lies within a tempestuous stellar nursery called the Carina Nebula, located 7,500 light-years away in the southern constellation Carina. The image celebrates the 20th anniversary of Hubble’s launch and deployment into an orbit around Earth. Hubble was launched April 24, 1990.

These days I am experimenting a lot and I am enjoying a lot with the new path of evolution. For the starter I tried Movie review and it is going fine, as more movie reviews are in pipeline.

I wanted to open a secret with my readers (or I say my Friends), so as to start new initiative in this blogging field. I am currently working on a Study Guide based on Hacking tools and Penetration testing. I thought i can help everyone out there with the knowledge and resources I have.

This post is meant to help my friends in there quest of knowledge.

If anyone wants any kind of information about any Hacking Tool, methods and process of Penetration testing, Intrusion or any stray topic related to information security. Kindly let me take the pain of providing you the valuable information about almost anything. What I can promise to my friends is that I will try my level best to keep the representation as simple as possible.

What you have to do is to leave the name of the topic as the comment of this post. Kindly keep it straight and simple, so I can explain it better.

Let me take this voyage to the next level to find out pearls and feathers on our way.

Happy reading.

The field of information security has grown and evolved significantly in recent years. As a career choice, there are many ways of gaining entry into the field. It offers many areas for specialization including: securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning, and digital forensics science, to name a few.

Information security professionals are the individuals who restrict the unauthorized access of information and resources. The field of information security has grown and evolved significantly in recent years. As a career choice, there are many ways of gaining entry into the field. It offers many areas for specialization including: securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning, and digital forensics science, to name a few.

If you are new in the Information security field, then ECSS certification is the best option for you as it covers all the topics that one needs to know to become a valuable Information security professional. ECSS certification is of EC-Council, which is a well known in field of Information Security, Ethical Hacking, Computer Forensics, and Network Security. The ECSS exam will give a holistic overview of the key components of information security and that will help you to get a good job and/or promotions.

If you are new in the Information security field, then ECSS certification is the best option for you as it covers all the topics that one needs to know to become a valuable Information security professional. ECSS certification is of EC-Council, which is a well known in field of Information Security, Ethical Hacking, Computer Forensics, and Network Security. The ECSS exam will give a holistic overview of the key components of information security and that will help you to get a good job and/or promotions. This Certification provides great opportunity to academic Graduates as well as experienced professionals.

For more information, visit the following link. http://www.eccouncil.org/certification/ec-council_certified_security_specialist.aspx

May be this title seems little foggy and vague but what I am going to give is thrilling wave. Out of no where uCertify did it again, I don’t know what are they thinking but I really like their attitude. Its 20 % discount again. Just use discount code “SAVE20″ and avail awesome discount on any PrepKit. As usual so straight and simple, and people ask me why I am there fan. Answer is clear. Click here to find more.

I found this paper really helpful, its objectives covered broad domain.

The Security Certified Network Specialist (SC0-451) certification is designed to examine the knowledge of networking and security skills required by a network security professional. This validation is done basically on the following technologies: Network Defense Fundamentals, Advanced TCP/IP, Routers and Access Control Lists, Designing Firewalls, Configuring Firewalls, Configuring Virtual Private Networks, Designing an Intrusion Detection System, Configuring an Intrusion Detection System and Securing Wireless Networks.

There are no specific prerequisites for this certification but any kind of Security+ certification or its equivalent work experience is recommended.

It provides a track for the following certifications:

1. Security Certified Network Professional (SCNP)
2. Security Certified Network Architect (SCNA)
3. Certified Information Systems Security Professional (CISSP)
4. Certified Information Security Manager(CISM)
5. Certified Wireless Security Professional(CWSP)
6. Certified Ethical Hacker(CEH)
7. Cisco Certified Security Professional (CCSP)

You will be required to attempt 60 questions in 90 minutes. You need to score 75% to pass the exam.

Having such certification shows the eligibility graph of a candidate in today’s IT industry. People with security certifications receive consistently more appointments from today’s industries and get higher base salary, bonuses, and raises as compared with other, less specialized IT positions

You can get more information at Vendor Site

Hii..Fellas..

Don’t know how you all feel this season, but this is the season of excitement and enthusiasm. Heat of the joy melting ice around us. This year I am thinking in a different way (That doesn’t mean i am going to Alaska), I gave thought to the time we look in our pocket to do a certification. This year I tried to be little more smarter (usually I am). I look out for a Discounts and offers in various PrepKit providing Sites. After hours of surfing, I found a short, clear, and simple Offer. “First 100 customers only: Buy any 3 PrepKits for only 149.99″ . What I think? We all are lucky in festive season. Santa this year coming in different style. Grab the gift, he will not wait.

My Knowledge starving friend out there. I am on my way. Do You?

Feel deserted. Here is more information.

https://www.ucertify.com/cart/todays-deal.php

or Look where i find it.

http://www.ucertify.com/blog/deals-to-blast-away-winter-blahs.html

Windows 7 creating a buzz in the maket, so how this security domain left un-touched. I think working on a new pie creates more variant oppurtunities. I am trying giving new feathers in my cap.

Windows 7 includes a number of new features, such as advances in touch and handwriting recognition, support for virtual hard disks, improved performance on multi-core processors, improved boot performance, DirectAccess, and kernel improvements. Windows 7 adds support for systems using multiple heterogeneous graphics cards from different vendors, a new version of Windows Media Center, a Gadget for Windows Media Center, improved media features, the XPS Essentials Pack and Windows PowerShell being included, and a redesigned Calculator with multiline capabilities including Programmer and Statistics modes along with unit conversion. Many new items have been added to the Control Panel, including ClearType Text Tuner, Display Color Calibration Wizard, Gadgets, Recovery, Troubleshooting, Workspaces Center, Location and Other Sensors, Credential Manager, Biometric Devices, System Icons, and Display.

Try looking out for there certification. Microsoft launches two new cert for that.

• 70-680 – MCTS: Windows 7, Configuring
• 70-685 – MCITP: Windows 7, Enterprise Desktop Support Technician

Next time i will try to provide the inference of these exams.