Author Archives: Sajjad Ghaffoori
Author Archives: Sajjad Ghaffoori
Information Security was one of the fields that Cisco systems used to, and still heavily participating.
Now a days not just information security, but cyber security as well, is a field that Cisco is going in and training many
of their engineers to profession.
The main difference summarizes the concept of both the domains, that is for information security, it is mainly
About securing the network components and assets from unauthorized access starting from physical access
Towards the control access, and by that it means accessing the nodes controlling the network, and affecting it.
Cyber security on the other hand is about protecting the same components from attacks, inside and outside attacks.
The attacks aim is usually either stealing sensitive data, or sabotage network components, or sometimes “both”.
Information Security wise, or IT Security wise, Cisco have been there for years, and they’ve been famous for their IT Security programs including the old obsolete CCNA Security, and the CCNP/CCIE Security programs that are still valid and refreshing till now a day.
Cyber Security wise, Cisco have evolved and developed their programs to present the CyberOps programs that includes the:
AWS are known for their famous highly demanded Solutions Architect Associate (SAA) Certificate, and many thinks that it is the first step with AWS and Cloud Computing, the question now is it?, or is there any step that should be taken before, like the AWS Cloud Practitioner CLF exam?.
in this blog post we will discover and compare the agenda and the main pillars each exam teach you, and see if it worth skipping CLF and start directly with SAA.
Your very first chapter to start studying AWS CLF with will be the cloud concepts, this will give a general overview of what is the idea and concept of cloud computing, what would AWS provide regarding that, and are you about to experience.
Luckily this part is shared between both the exams of AWS CLF and SAA, and we’ll find a share for it here and there, to understand what we are about to start with such exams.
that makes them equal here, 1-1.
Having zero knowledge about cloud computing and the restrictions and differentiations that might occur with it, upon implementing a new network on the cloud for the first time will require Continue reading
OSPF Administrative Distance, or OSPF AD, is the key of electing OSPF among other routing protocols (if existed) leading to the same target within the same routing table, in this blog post we will discover the basics and types of Administrative Distances for OSPF across multiple different platform.
For Cisco systems operating systems, regardless of their platforms, all the IOS-XE, IOS-XR, and NX-OS OS’s treats OSPF based on the “AD” which has the value of “110”.
Now the most important thing is not just to know the numerical value which will be useless without knowing its order of preference among the other routing protocol Administrative Distances.
The values will be as follows regarding the Static and Dynamic Routing Protocols:
This Shows that OSPF routes to a specific target can be hidden if one of the dynamics (EIGRP or eBGP) routes was installed in the routing table, that also includes the Direct and Static as well.
Dealing with devices/platforms from Juniper Networks will get you to face and Continue reading
There are commons and differences to the time when it comes to configuring an OSPF routing protocol on a router you manage, based on the router’s manufacturer.
We will take a look at the basic sample of configuring OSPF on Cisco IOS-XE and Juniper’s JunOS operation systems.
With ios-xe we start configuring OSPF by mentioning the numerical value of the:
And what that does mean is just a number to isolate some hierarchical designs of the OSPF process on the router of cisco.
Does it have to be matched on both the peering ends?, the answer is NO
Does it affect some priorities in some OSPF election processes?, the answer is also NO
Is it that mandatory?, well based on that “OS” it is, but it is not a general OSPF concept?
As it is missing with the other vendors!!
That makes the first line of configuration look like this:
OERouter1(config)#router OSPF [Process ID]
i.e. “OERouter1(config)#router ospf 10
the later step after getting into the hierarchical mode of OSPF, specifying the process ID as well, is to advertise the networks.
these networks Continue reading
Language-wise it stands for Open Shortest Path First, and Family wise it belongs to the Link-State Interior Gateway Dynamic Routing Protocols.
done with the CV yet?, OSPF is an open standard internal routing protocol that is supported across all the different vendors manufacturing networking platforms.
In this article, we will review the basics and specs of this protocol, and see its own unique features.
As a start, the OSPF routing protocol uses a multicast hello message that is destined to the OSPF Multicast address of 244.0.0.5 seeking any possible other OSPF routers in the area.
This message keeps repeating every 10 seconds by default, and that will be out of the interfaces that announced an OSPF configuration, which depends on how you configured it + the vendor-specific configuration template.
Upon receiving a multicast hello message from another router we already sent it a hello message earlier, and that should be within the dead timer of 40 seconds maximum (by default).
An OSPF neighbor process will start by:
How to pass the Certified Cloud Practitioner from AWS, exam details and type, and what to expect
The exam agenda starts with the concept of cloud computing and differences of it with on-premise networks.
then it shows you all the AWS services that will be more than enough to migrate or establish a network on AWS’s cloud
which will have all the facilities and can be fully or partially managed by AWS for you.
and of course everything comes for a price, AWS will declare the prices of their services, what is for FREE and what is not
and will provide many easy tools for costs calculation and best practices with AWS.
Amazon provides a free tier 12-month access to whomever creates an account for the 1st time with them
the account has a free access to many AWS services that will allow for both studying and actual testing/benefiting from their services.
The current version of this exam CLF-C01 has a 65 written question in the exam.
all the questions are single/multi-answer MCQs and no other type of questions Continue reading
Amazon Web Services (AWS) CLF or CCP, how you want to name it (CLF is the official exam and badge name).
as it stands for Certified Cloud Practitioner, with the current version of CLF-C01.
AWS CLF is the very first step for any engineer, regardless of their experience in the IT domain,
to start understanding and put a step in the world of cloud computing.
The exam/certificate focuses on many different aspects, some are shared with other exams from AWS, some are CLF-Focused.
This includes the concept of cloud computing, comparison of many aspects of networking between On-premise networks and cloud networks.
Introduction to AWS and how much does AWS covers/offers of on-premise services on their cloud, ready to be directly initiated and used.
AWS most critical aspect when you decide to network on their infrastructure, and that is “Billing”, this is a very important and critical concept to really understand and know how to deal with when you start working with AWS networks.
Many tends to skip this exam, and keeps spreading the idea that “SAA is the Associate exam of AWS Services, and it should be the Continue reading
It is the very version released for this exam, kind of replacing the Routing+TShoot exam of the old CCNP RS,
and it has the code of 300-410
the exam generally has 4 modules to study and focus on, teaching you configuring and troubleshooting many protocols,
on the aspect of “routing, virtualization & security, IP services, and assurance”
Skills learned with ENARSI
Deep Dive Troubleshooting Mainly for:
The carrier of this badge is expected to have a skills level for routing, security, and virtualization that is definitely higher than the level covered by the CCNP ENCOR exam, and near reaching the level of the CCIE Enterprise Infrastructure, so be careful by really LABBING every topic in the exam with all the possibilities and scenarios.
The first and the current version of the exam has the code of 300-410.
even though that agenda barely have the word “describe” within its modules, and that most of the topics are to be configured
and troubleshooted, but just like ALL the new NON-LAB Continue reading
What is ENARSI, one of the “Specialist” level exam and certificate belonging to the CCNP Enterprise domain, that was announced on June 9th – 2019.
it is the first version of the ENARSI exam that not only participates in the CCNP Enterprise certificate, but also once passed, it will grant the candidate a certificate called:
ENARSI was not the only exam announced from Cisco regarding CCNP Enterprise Specialty, an entire new domain of knowledge and hierarchy was there as well.
ENARSI might be your first and best choice if one of 2 cases:
The other exams are “ENSDWI, ENSLD, ENWLSI, ENWLSD, and ENAUTO”
So as mentioned in previous blogs, the ENCOR + one of the exams mentioned above (could be the ENARSI)
will result in a CCNP Enterprise Certified
It is actually very important not just to accomplish the nice, highly wanted, Continue reading
DEVASC Study Resources and Plan are available and detailed in the course of DEVASC 200-901 on out website.
The exam is not simple or foundational level, it is as always with Cisco, starts with you from scratch.
up to a solid level where you are capable of discussing and implementing a solution.
so studying and preparing should be careful and detailed as well.
Even though the exam is considered a Written one, but preparation are almost 30% written only
and by that i mean theoretical parts where you only get some concepts and leave, no implementations.
SO 70% of the preparation should be practical, coding and validating a lot, constructing and encoding requests
to communicate and work with Cisco platforms remotely.
studying should be by constructing and validating every code for every request and platform of Cisco mentioned in the exam agenda.
Constructing and sending API’s and requests will be by using:
Validating the results will always be through the same construction and pushing platform mentioned above.
How to Pass DEVASC? the new exam from Cisco, first version released in 2019, having an exam code of 200-901
the exam generally has 6 modules to study and focus on, teaching you data encoding languages for the first time,
introducing the Cisco Sandbox for practices, and start automation Cisco’s platforms over the Sandbox.
Skills learned with DEVASC
many encoding, programming, and automation skills, including:
the presence here for Cisco is not to just TEACH you DEVNET/DEVOPS
but to allow you to implement and practice most of the tools/techniques on their platform
using the FREE new sandbox service.
the first and the current version of the exam has the code of 200-901
it is kind of a written exam, why kind of?, because the exam questions can be:
What is DEVASC, a new question actually, DEVNET Associate from Cisco Systems is their first DEVOPS derived DEVNET certificate that was announced on June 9th – 2019.
it is the first version of the DEVASC exam that grants the Cisco Certified DEVNET Associate certificate,
and has the exam number of 200-901
DEVASC was not the only exam announced from Cisco regarding DEVNET, an entire new domain of knowledge and hierarchy was there as well.
DEVASC would be your first step in that hierarchy, then you will see DEVNET Professional which contains so many exams inside it.
one of them is mandatory, and a selective one of the others is required to become a CCDevP, that will be for another blog.
and the highest peak is the recently officially announced CCDevE, an 8-Hours LAB exam to validate how expert you are with Cisco DEVNET.
not just because it is a fresh branch, or not something that is generally provided by other vendors, but because the agenda of the DEVASC are very useful.
they do as always with Cisco, start from scratch telling you what is DEVOPS, DEVNET, DEVASC, Continue reading
Cyber Security, sometimes you might find it as Cyber Operations, CyberOps, is the branch of Network Security that focuses on attacks, from the internet or from the inside of the network, gaps, bugs, look for them before they get used, fix them, and look again.
so the engineers continue to keep looking and fixing, as the internet is always evolving and generating more threats.
generally, the domain of security (Information Security, Cyber Security) has nowadays hundreds of certifications and exams from many different vendors.
some are involved in the industry of making security devices/components, others are there just to teach us and make us the best engineers in the domain.
and mostly, cyber stuff comes from companies that focuses on creating the content/references more.
rather than information security exams and books that comes from vendors that produces platforms (Firewalls, IPS, IDS, NGFW, NGIPS, ESA, WSA, and many others).
so as a beginner, up to higher than an expert, many exams should be studied.
of course alongside with some other general/networking exams that you might already hold before studying the cyber security, and these exams will be mentioned below.
is it even related?, or should I ask “comparable?”
yes it is both actually, and in this blog we will review both of the exams, talk about the agenda, which one should be taken before the other, and result of both of them.
Relation between CCNP ENCOR vs ENARSI
both the exam belongs to the certificate of Cisco CCNP Enterprise, and taking each individually will grant you A Certificate!
so it is a win-win scenario, but still the question is which one should i take first, and that will be followed below
ENCOR first, generally a Technology Core exam, focusing on 7 domains of knowledge:
and NO DEEP DIVE in any of these!!!
while for ENARSI:
and that’s it!,
The Enterprise Core Exam, that also leads to the certificate of:
“Cisco Certified Specialist – Enterprise Core”
is one of many new exams and certs that were announced by Cisco back in summer 2019.
this exam is actually jumping in the middle of the CCNP Certificate and labeling it as CCNP Enterprise
throwing the old label of CCNP Routing & Switching with all its old 3 exams (Routing, Switching, and Troubleshooting).
ALSO, interestingly it is replacing the old CCIE Routing & Switching Written Exam, with a new method of becoming CCIE
and that is the CCIE Enterprise Infrastructure, that only requires this ENCOR as a prerequisite.
so it is nice to pass the ENCOR exam and be involved on both CCNP Enterprise and CCIE Enterprise Infrastructure.
The first impression that you might take when you hear about an exam that replaces the old famous CCNP Routing & Switching, also replacing that difficult, expert-rate, 100+ written exam of the CCIE Routing & Switching.
then you get either frightened of that exam’s level, or brace you yourself for something so advanced and challenging coming, well, the Continue reading
On June 9th – 2019, Cisco made an announcement of deleting and replacing ALL their CCNP Level “Exams”.
saying exams instead of certificates, as the labels of most the Certificates remained the same
(except for CCNP RS, who got replaced with CCNP – Enterprise).
The new Exams as they are linked to the CCNP badges, came with a new criteria of becoming “Certified”.
now you will need to pass ONLY 2 exams and you will get granted the CCNP Badge, rather than needing a minimum of 3-4 exams in the previous system.
The new system requires 2 isolated parts to fulfill, before you become certified:
1- A Technology Core Exam, which plays a role in engaging you in 2 paths of certs. (The CCNP & The CCIE).
– and that will be:
– Enterprise, Security, Service Provider, Collaboration, Data Center, and the newly established DEVNET & CyberOps
2- A Technology Concentration Exam, every domain of the 7 mentioned in Point “1”, has a 1-7 different technologies to concentrate on.
This will be kind of having a Master degree in engineering, you consider some general topics, and focus on some other.