Author Archives: Ruben

Cisco CCNA Cyber Ops completed!

2 months in a rush was what I needed to finish my CCNA Cyber Ops. It is composed of 2 exams:

  • 210-250 SECFND
  • 210-255 SECOPS

The e-learning was part of the Cisco scholarship, so I had all the materials required to learn what was needed for each exam. The SECOPS exam was a bit more difficult due to its nature of different language.

210-250 SECFND

This exam covers understanding common security concepts and starting to learn the basic security techniques used in a Security Operations Center (SOC) to find threats on a network using a variety of popular security tools within a “real-life” network infrastructure.

Course Objectives

Upon completing this course, students will be able to:

  • Describe, compare and identify various network concepts
  • Understand the fundamentals of TCP/IP
  • Describe and compare fundamental security concepts
  • Describe network applications and the security challenges
  • Understand basic cryptography principles
  • Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux
  • Develop knowledge in security monitoring, including identifying sources and types of data and events

210-255 SECOPS

This exam focuses on the introductory-level skills needed for a SOC Analyst at the associate level. Specifically, understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Course Objectives

Upon completion of this course, you will have the skills and knowledge to:

  • Define a SOC and the various job roles in a SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident response handbook
  • Define types of SOC metrics
  • Understand SOC workflow management system and automation

CLEUR Barcelona 2018 Day 5

It was a quick intro to the portfolio, covering the Host Discovery, Traffic Flow Processing and SSL Decryption.

BRKSEC-3455 Dissecting Firepower – FTD & Firepower-Services “Design & Troubleshooting”

How to rock a Firepower installation and troubleshoot it like a rock star, presented by a TAC Engineer Leader. I learned some best practices and corner cases in what was my last session at Cisco Live.

Time to pack up everything and go back to London, sadly. I could easily do another week of CLEUR!

See you next year at CLEUR Barcelona 2019!!!

CLEUR Barcelona 2018 Day 4

I’ve been learning about BNG for a while, and it was interesting to see how Cisco is evolving the product and market in this area. I met the Marketing Engineer and the Product Manager, lovely guys by the way.

BRKCLD-2280 MultiCloud Deployment of Self Operating Applications Using Cisco CloudCenter and AppDynamics APM

I’ve been playing with CloudCenter (CC) for a while and have done some cool demos with F5 integration using APIs, called callout scripts in CC. Bundling CC and AppDynamics has a lot to offer, and there is no dependency between them.

Cisco Live’s Walk-in Self-Paced (WISP)

This area is a must for all attendees. You will be able to get hands-on with some demos which are not available at Cisco dCloud. Don’t lose this opportunity to learn more and have fun.

Cisco Certified Design Expert (CCDE) Exam

Yes, I had a go at the written exam. Oh boy… I was really close to it, I got 785 of 860.
It was a really good assessment; now I know what I have to cover for my next attempt.

Party time

Cisco Live is not only sessions, networking and geeks!

We know how to do an Epic Party!

https://www.youtube.com/watch?v=TrVz-ESsr44

CLEUR Barcelona 2018 Day 3

BRKDCN-2489 Cisco SD-Access – Integration with Data Center Architectures

SD-Access is primarily campus focused, an overlay technology which allows the user to have the same user experience anywhere, but the exciting part is that the ball is moving to the Data Center edge, exchanging policies with Cisco ACI. It seems it is going to cover the gap we have these days of not replicating policies between Campus and Data Center, but ultimately I hope across the entire state.

PSOSEC-2559 The Integrated Cisco Security Portfolio for a more effective security posture

A different view of how we should see security: embracing it, adopting new paradigms, simplifying it, doing less for more. Everyone is protecting the perimeter; that is the actual plan. Do you have a plan for after you get hit? Isn’t that also important?

CLEUR Barcelona 2018 Day 2

Configit was quite challenging for me, especially the config on IOS-XR, because I have not touched it for a long time. To me it looks much more structured, in terms of the config, than the IOS family.

Special thank you to Lizabete Cacic, Lukasz Bromirski and team.

If you want the LAB/docs, let me know.

CLEUR Barcelona 2018 Day 1

A very exciting first day with swag, Cisco Champion gifts, and networking with really nice people about new trends and challenges in the industry.

TECCCDE-3005 CCDE: The Cisco Certified Design Expert

I was really looking forward to the session CCDE: The Cisco Certified Design Expert [TECCCDE-3005], and to starting the mindset shift from “How to do it” to “Why to do it”. We covered the basic foundations for an Architect to take into consideration and the technologies on the written/lab exam.

We finished the session with a small demo about how the exam is built and graded.

It was awesome to meet all the team and have a chat. I would like to say thank you to Russ White, Architect, Elaine Lopes, Yuri Lukin, Tom Whaley.

If you are looking to start your CCDE journey here are some of the suggested study materials:

Cisco Live Barcelona 2018, here I GO!

This is going to be my 2nd Cisco Live, and I’m very excited because I’ve learned a lot over the past 8 years and I’m in a different professional stage at the moment, one that 8 years ago was just a dream. I’m a strong believer that these events are important to grow your “networking” and keep you updated on new trends/technology.

So how does my calendar look so far?

  • CCDE Techtorial and Exam
  • Firepower
  • ISE
  • Multi-Cloud
  • SD-X
  • DevOps

If you are around, let’s grab a beer and crack some of the topics above.

A Flashback and a New Busy Year!

Dear Reader,

Thank you for spending your time reading this post on the first day of the new year.

2017 was a busy year as regards projects and a new area I’ve been exploring myself (Business Development). This is quite new for me but it’s going…

What do I mean by Business Development? I’ve been focused only on Engineering (hands-on), which is by far what I really like to do, so I get the implementation plan and GO! Why not dive into the conversation with the customer, understand their challenges, and advise on which technologies in the market really suit them? Presenting cutting-edge technologies and advising the customer is also something I really like.

What do I have for this upcoming year? I’ve done some re-certs, like Juniper, VMware and Cisco.
I have to do some re-certs this year too, but I want to focus more on the CCDE than ever, so I’m starting officially today and I hope to do the Written in 6 months. I will attend Cisco Live Barcelona 2018, so I hope to get good contacts to push this even further. This is the plan mentally, but I know it might have to change a bit.

CCNA Cyber Ops is just around the corner :)

Happy New Year.

Google BBR Algorithm

Google’s BBR algorithm for handling TCP traffic congestion could herald a new era for the Transmission Control Protocol (TCP). Google announced its integration with Google Cloud, a cloud hosting platform offered by Google to thousands of companies and which serves millions of websites on a daily basis.

BBR stands for “Bottleneck Bandwidth and RTT (Round-Trip Time),” and is an algorithm for optimizing how network packets travel through servers in order to avoid jamming certain routes.

If you want to test this on your Linux box, you can follow the guide here: https://patchwork.ozlabs.org/patch/671069/

A draft IETF proposal has been made; you can see it here: https://tools.ietf.org/html/draft-cheng-iccrg-delivery-rate-estimation-00

ACI anywhere with Virtual Edge (AVE)

The goal of extending ACI anywhere is becoming real with ACI Virtual Edge (AVE), the next generation of the Application Virtual Switch (AVS) for ACI environments. This should be available by the end of the year. AVE is hypervisor independent, offering consistent policy control across multiple hypervisors. For now the only target hypervisor is VMware.

AVS is still supported, but it seems to be time for a change!

Black Hat Europe London 2017

Black Hat Europe in London this year is not a mirage, it’s real! Wake up, time for action! Briefings, Training, Arsenal and beer, you choose! Register here

And if you are a student in the cyber security arena, you can get a free scholarship which allows full access to all Briefings on Wednesday, December 6 and Thursday, December 7 at the ExCeL London, United Kingdom. You can apply here.

If you go, contact me. I will be around!

Welcome to CheckPoint R80 API

Automation and orchestration capabilities are key for many organizations these days, and this session will show you what you can achieve with the R80.10 API. Specifically, this session covers:

  • Introduction to using the R80.10 APIs using Postman and Ansible
  • Tips on adding objects and services and on adding rules via CLI RESTful API
  • Additional use cases
  • And much more

The content presented is below:

Slides: How to use R80.10 API for Automation and Streamlined Security (PPT)

Video: How to use R80.10 API for Automation and Streamlined Security (Video)

Scripts: CheckMates_Aug15_Demos.zip

Q&A: TechTalk Q&A: Leveraging the R80.10 API to Automate and Streamline Security Operations

Looking for more cool stuff? Check out the CheckPoint CheckMates Community.