Thursday, September 14, 2017

C2150-606 IBM Security Guardium V10.0 Administration

Test information:
Number of questions: 55
Time allowed in minutes: 90
Required passing score: 63%
Languages: English

Related certifications:
IBM Certified Administrator - Security Guardium V10.0

The test consists of 6 sections containing a total of approximately 55 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 - Product features and capabilities (16%)
Understand high-level components of a Guardium solution.
Describe the features and capabilities of Data Activity Monitoring (DAM) and File Activity Monitoring (FAM).
Describe the features and capabilities of Classification, Entitlement, and Vulnerability Assessment.
Use data level access control features (SGATE and Redaction).
Describe features and capabilities of available agents and modules (GIM, S-TAP, CAS, etc).

Section 2 - Planning, sizing and capacity (15%)
Identify the main factors that affect the volume of data managed by Guardium including backups and archives.
Plan appliance location architecture.
Understand properties of the systems to be monitored such as operating systems, databases, type of data and volume and their effects.
Plan strategy for high availability.
Calculate the number and type of appliances required based on Processor Value Unit (PVU) load.
Identify the system requirements of Guardium appliances.

Section 3 - Installation and configuration (25%)
Locate and download appropriate Guardium appliance and agent installers.
Build new collectors and aggregators.
Perform initial appliance setup and configuration.
Configure appliance data management processes and schedules.
Configure the appliance for interfacing with standard systems (mail, SNMP, LDAP, SIEM).
Manage the access of Guardium users.
Install Guardium Installation Manager (GIM) and upgrade agents and modules with GIM.
Install software tap (S-TAP) from command line.
Demonstrate detailed understanding of agent configuration and inspection engine parameters.

Section 4 - Data monitoring, policy rules and reporting (15%)
Perform a Vulnerability Assessment test.
Differentiate the effects of policy rules and associated actions.
Define and use monitoring features such as queries, reports, audit processes, and alerts.
Use Enterprise Search.

Section 5 - Self-monitoring and performance (15%)
Use Guardium self-monitoring reports and alerts.
Analyze and act upon errors or exceptions.
Identify and resolve appliance performance issues.
Optimize internal database tables to maintain performance.
Monitor and report on Guardium user activity.
Maintain a managed environment.

Section 6 - Maintenance and support (15%)
Use available IBM troubleshooting resources and services, for example, Knowledge Center, technotes and IBM Support.
Plan and install appliance patches and agent upgrades.
Collect diagnostic information and troubleshoot problems.
Use common Command Line Interface (CLI) and GrdAPI commands including support commands.
Restore data and configuration from backups and archives.

IBM Certified Administrator - Security Guardium V10.0

Job Role Description / Target Audience
This intermediate level certification is intended for Guardium administrators (data security and deployment professionals).

This certification covers the products IBM Security Guardium Data Activity Monitor V10.0, IBM Security Guardium File Activity Monitor V10.0, and IBM Security Guardium Vulnerability Assessment 10.0.

These Guardium administrators are familiar with the product features and capabilities, plan, install and configure, self-monitor and monitor data, define policy rules and report, maintain and support.

To attain the IBM Certified Administrator - Security Guardium V10.0 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.

Basic knowledge of:
operating systems and databases.
hardware or virtual machines.
networking and protocols.
auditing and compliance.
information security guidelines.

Requirements
This certification requires 1 test(s).
QUESTION 1
AGuardium administrator just finished installing the Guardium product to build a Collector. The administrator wants to make sure the Collector has the licenses needed to provide functionality for data activity monitoring, masking and blocking (terminate).
Which of the following lists the minimum licenses the administrator needs to install?

A. Base Collector license.
B. None, the licenses required are already installed automatically by the Guardium product installer.
C. Base Collector license plus IBM Security Guardium Standard Activity Monitor for Databases (DAM Standard).
D. Base Collector license plus IBM Security Guardium Advanced Activity Monitor for Databases (DAM Advanced).

Answer: D

QUESTION 2
A Guardium administrator is planning to build an environment that contains an S-TAP with one primary Collector and one failover Collector. What must the administrator ensure when setting up this environment?

A. Both Collectors are centrally managed.
B. There is network connectivity between the S-TAP and both Collectors.
C. Guardium Installation Manager (GIM) is installed on the Database Server.
D. in the guard_tap.ini file of the S-TAP set participate_in_load_balancing=1

Answer: B

QUESTION 3
During a Guardium deployment planning meeting, the team decides to deploy all S-TAP agents on all Unix/Linux database systems. A Unix/Linux system administrator team manager asks a Guardium administrator if there are any differences between Guardium S-TAPs for AIX and Linux systems that the team should be aware of.
What should be the Guardium administrator's response?

A. A-TAP is required on all AIX DB Servers.
B. aserver reboot is required to capture shared memory traffic from all databases on AIX.
C. K-TAP is required on the AIX DB servers. The exact uname -a output is required to determine the correct K-TAP module for the server.
D. K-TAP is required on the Linux DB servers. The exact uname -a output is required to determine the correct K-TAP module for the server.

Answer: B
Posted by at No comments:
Labels: , , , , ,

Friday, August 25, 2017

C2150-600 IBM Security Trusteer Fraud Protection Fundamentals

Test information:
Number of questions: 30
Time allowed in minutes: 60
Required passing score: 69%
Languages: English, French, Latin American Spanish, Portuguese (Brazil)

Related certifications:
IBM Certified Associate - Security Trusteer Fraud Protection

Product Functionality (80%)
Comprehension: Identify a plan to install a client on a mobile device or desktop computer (PC or Mac)
Comprehension: Identify a plan to uninstall a client from a mobile device or desktop computer (PC or Mac)
Comprehension: Explain the functionality and features of IBM Trusteer clientless (cloud-based) protection
Comprehension: Explain the functionality and features of IBM Trusteer client-based protection
Comprehension: Identify the reporting functionality of the TMA system

Basic Troubleshooting and Analysis (10%)
Comprehension: Identify basic troubleshooting tasks and analysis.

Deployment (10%)
Comprehension: Explain the deployment process and options of the IBM Trusteer Pinpoint platform.BM Certified Associate - Security Trusteer Fraud Protection

Job Role Description / Target Audience
An IBM Certified Trusteer Fraud Fundamentals Professional is an individual (sales engineers) who can demonstrate basic support and technical knowledge of the Trusteer Fraud product portfolio, including implementation and management of a Trusteer Fraud solution.

Recommended Prerequisite Skills
Network Data communications
Network Security
Windows OS
Mac OS




Posted by at No comments:
Labels: , , , , , ,

Sunday, August 6, 2017

C2090-930 IBM SPSS Modeler Professional v3

Test information:
Number of questions: 60
Time allowed in minutes: 90
Required passing score: 67%
Languages: English, Japanese

Related certifications:
IBM Certified Specialist - SPSS Modeler Professional v3

This test will certify that the successful candidate has the fundamental knowledge to participate as an effective team member in the implementation of IBM SPSS Modeler Professional analytics solutions.

SPSS Modeler Professional Functionality (10%)
Identify the purpose of each palette
Describe the use of SuperNodes
Describe the advantages of SPSS Modeler scripting

Business Understanding and Planning (10%)
Describe the CRISP-DM process
Describe how to map business objectives to data mining goals

Data Understanding (15%)
Describe appropriate nodes for summary statistics, distributions, and visualizations (for example, graph nodes, output nodes)
Describe data quality issues (for example, outliers and missing data)

Data Preparation (20%)
Describe methods for data transformation (for example, Derive node, Auto Data Prep node, Data Audit node and Filler node)
Describe how to integrate data (for example, Merge node and Append node)
Describe sampling, partitioning, and balancing data (for example, Sample node, Balance node and Partition node)
Describe methods for refining data (for example, Select node, Filter node and Aggregate node)

Modeling (20%)
Describe classification models (including GLM and regression)
Describe segmentation models
Describe association models
Describe auto modeling nodes
Demonstrate how to combine models using the Ensemble node

Evaluation and Analysis (15%)
Demonstrate how to interpret SPSS Modeler results (for example, using Evaluation node, Analysis node, and data visualizations)
Describe how to use model nugget interfaces

Deployment (10%)
Describe how to use Export nodes (tools for exporting data)
Identify how to score new data using models
Identify SPSS Modeler reporting methods

IBM Certified Specialist - SPSS Modeler Professional v3

Job Role Description / Target Audience
The candidate has knowledge of analytical solutions, understands IBM SPSS Modeler capabilities, has knowledge of the IBM SPSS Modeler data model, can apply consistent methodologies to every engagement and develop SPSS predictive models.

To achieve the IBM Certified Specialist - SPSS Modeler Professional certification, candidates must possess the skills identified under Recommended Prerequisite Skills, if any, and pass one (1) exam.

Upon completion of this technical certification the successful candidate shows having the fundamental knowledge to participate as an effective team member in the implementation of IBM SPSS Modeler Professional analytics solution.

Recommended Prerequisite Skills
The following are topics that are assumed before your test preparation and will not be tested on :
Database and ODBC concepts
Basic proficiency in statistical concepts
Knowledge of basic computer programming
QUESTION 1
You have collected data about a set of patients, all of whom suffered from the same illness. During their course of treatment, each patient responded to one of five medications. The column. Drug, is a character field that describes the medication. You need to find out which proportion of the patients responded to each drug.
Which node should be used?

A. Web node
B. Distribution node
C. Sim Fit node
D. Evaluation node

Answer: C

QUESTION 2
When describing data, which two nodes address value types? (Choose two.)

A. Data Audit node
B. Statistics node
C. Type node
D. Report node

Answer: A,C

QUESTION 3
How many stages are there in the CRISP-DM process model?

A. 4
B. 6
C. 8
D. 10

Answer: C

QUESTION 4
An organization wants to determine why they are losing customers.
Which supervised modeling technique would be used to accomplish this task?

A. PCA
B. QUEST
C. Apriori
D. Kohonen

Answer: C

QUESTION 5
You want to create a Filter node to keep only a subset of the variables used in model building, based on predictor importance.
Which menu in the model nugget browser provides this functionality?

A. File
B. Preview
C. View
D. Generate

Answer: C




Posted by at No comments:
Labels: , , , , , ,

Tuesday, July 4, 2017

RC0-C02 CASP Recertification Exam

Eligibility Candidates MUST have
An active CASP CE certification earned by passing exam CAS-001.
Received an email from CompTIA containing a Private Access Code (PAC).
Exam Description The CASP Recertification Exam covers these domains:
1.0 Enterprise Security (42% of Total)
2.0 Risk Management and Incident Response (11% of Total)
3.0 Research and Analysis (17% of Total)
4.0 Technical Integration of Enterprise Components (30% of Total)
Number of Questions: 40
Type of Questions Multiple choice questions (single and multiple response)
Length of Test: 60 Minutes
Passing Score: Pass/Fail only. No scaled score.
Delivery: Non-proctored Pearson IBT
CEU Impact
Only candidates with an active CASP CE certification will receive CEU credit.
Passing the exam will automatically renew your existing CASP CE. Please allow 1-3 days for your record to be updated.
INTRODUCTION
The CompTIA Advanced Security Practioner (CASP)
Recertification exm is one way for CompTIA certified professionals to keep their CASP certification active. A CASP certification earned on or after January 1st, 2011 is valid for three years from the date the certification was earned. The certification must be renewed within three years in order for the individual to remain certified. To remain certified, individuals may:
Re-take (and pass) the current certification exam (CAS-002)
Participate in continuing education activities
Take (and pass) the CASP recertification exam (RC0-C02)
The CASP Recertification Exam RC0-C02 bridges the competencies measured by the CASP CAS-001 exam and the CAS-002 exam. The exam (RC0-C02) blueprint includes the objectives new to the CAS-002 series and also assesses the highest weighted competencies that appear on the previous (CAS-001)exam (i.e., the knowledge and skills rated by SMEs as most relevant for on-the-job performance).
NOTE: Availability of RC0-C02 is LIMITED TO THOSE who have kept their CASP certification active and have not taken and passed the current CAS-002 series exam.
The CompTIA Advanced Security Practitioner Certification Exam is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, undergoes regular reviews and updates to the exam objectives.
The following CASP Recertification RC0-C02 exam objectives result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an advanced-level security professional.
This examination blueprint includes domain weighting, test objectives, and example content. Example topics and concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination.
Candidates are encouraged to use this document to guide their studies. The table below lists the domains measured by this examination and the extent to which they are CompTIA Advanced Security Practitioner Recertification
QUESTION 1 – (Topic 1)
ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe?
A. TOTP
B. PAP
C. CHAP
D. HOTP
Answer: D
Explanation:
The question states that the HMAC counter-based codes and are valid until they are used. These are “one-time” use codes.
HOTP is an HMAC-based one-time password (OTP) algorithm.
HOTP can be used to authenticate a user in a system via an authentication server. Also, if some more steps are carried out (the server calculates subsequent OTP value and sends/displays it to the user who checks it against subsequent OTP value calculated by his token), the user can also authenticate the validation server.
Both hardware and software tokens are available from various vendors. Hardware tokens implementing OATH HOTP tend to be significantly cheaper than their competitors based on proprietary algorithms. Some products can be used for strong passwords as well as OATH HOTP.
Software tokens are available for (nearly) all major mobile/smartphone platforms.
QUESTION 2 – (Topic 1)
Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?
A. Deduplication
B. Data snapshots
C. LUN masking
D. Storage multipaths
Answer: C
Explanation:
A logical unit number (LUN) is a unique identifier that designates individual hard disk devices or grouped devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface. LUNs are central to the management of block storage arrays shared over a storage area network (SAN).
LUN masking subdivides access to a given port. Then, even if several LUNs are accessed through the same port, the server masks can be set to limit each server’s access to the appropriate LUNs. LUN masking is typically conducted at the host bus adapter (HBA) or switch level.
QUESTION 3 – (Topic 1)
An application present on the majority of an organization’s 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?
A. Deploy custom HIPS signatures to detect and block the attacks.
B. Validate and deploy the appropriate patch.
C. Run the application in terminal services to reduce the threat landscape.
D. Deploy custom NIPS signatures to detect and block the attacks.
Answer: B
Explanation:
If an application has a known issue (such as susceptibility to buffer overflow attacks) and a patch is released to resolve the specific issue, then the best solution is always to deploy the patch.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have
arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
QUESTION 4 – (Topic 1)
A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?
A. LUN masking
B. Data injection
C. Data fragmentation
D. Moving the HBA
Answer: D
QUESTION 5– (Topic 1)
select id, firstname, lastname from authors
User input= firstname= Hack;man
lastname=Johnson
Which of the following types of attacks is the user attempting?
A. XML injection
B. Command injection
C. Cross-site scripting
D. SQL injection
Answer: D
Explanation:
The code in the question is SQL code. The attack is a SQL injection attack.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in
an application’s software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed
and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
Posted by at No comments:
Labels: , , , , , , ,

Saturday, May 27, 2017

C2090-312 IBM DB2 11 DBA for z/OS

Test information:
Number of questions: 67
Time allowed in minutes: 90
Required passing score: 59%
Languages: English

The IBM Certified Database Administrator is the lead database administrator (DBA) for the DB2 product on the z/OS operating system. This individual has significant experience as a DBA and extensive knowledge of DB2, specifically the new features and functionality related to version 11. This person is capable of performing the intermediate to advanced tasks related to database design and implementation, operation and recovery, security and auditing, performance, and installation and migration/upgrades specific to the z/OS operating system.

Section 1 - Database Design and Implementation (24%)
Design tables and views (columns, data type considerations for large objects, XML, column sequences, user-defined data types, temp tables, clone tables, temporal tables, MQTs, new archive transparency, etc.)
Explain the different performance implications of identity column, row ID, and sequence column definitions (applications, utilities), hash access
Design indexes (key structures, type of index, index page structure, index column order, index space, clustering, compression, index on expression, include column)
Design table spaces (choose a DB2 page size, clustering) and determine space attributes
Perform partitioning (table partitioning, index partitioning, DPSI, universal table space)
Normalize data (E-R model, process model) and translate data model into physical model (denormalize tables)
Implement user-defined integrity rules (referential integrity, user-defined functions & data types, check constraints, triggers)
Use the appropriate method to alter DB2 objects (table, column, drop column, alter limit key, index, table space, database, online schema)
Understand impacts of different encoding schemes

Section 2 - Operation and Recovery (22%)
Knowledge of commands for normal operational conditions (START, STOP, DISPLAY)
Knowledge of commands and utility control statements for use in abnormal conditions (RECOVER, RESTART)
Load and unload data into and from the created tables
Reorganize objects when necessary (reorg avoidance, automatic mapping table, new reorg features)
Monitor the object by collecting statistics (run stats, improved in-line statistics, real time stats, autonomic stats, and statistics related stored procedures)
Monitor and manage threads and utilities (distributed, local, MODIFY DDF)
Identify and respond to advisory/restrictive statuses on objects
Identify and perform problem determination (traces and other utilities, plans and packages)
Perform health checks (check utilities, offline utilities, catalog queries)

Identify and perform actions that are needed to protect databases from planned and unplanned outages (tables spaces; indexes; full pack; hardware; Flash copies; full, incremental, reference update; copy-to-copy, non-data objects; catalog) and recovery scenarios (off-site recovery, data sharing, table spaces, indexes, roll forward, roll back, current point in time, prior point in time, system point in time copy and restore, catalog and directory, offline utilities (DSN1), new Extended RBA and LRSN)

Section 3 - Security and Auditing (6%)
Understanding privileges and authorities
Protect access to DB2 and its objects
Audit DB2 activity and resources and identify primary audit techniques
Identify and respond appropriately to symptoms from trace output or error messages that signify security problems

Section 4 - Performance (22%)
Plan for performance monitoring by setting up and running monitoring procedures (continuous, detailed, periodic, exception)
Analyze performance (manage and tune CPU requirements, memory, I/O, locks, response time, index and table compression)
Analyze and respond to RUNSTATS statistics analysis (real-time, batch, catalog queries, reports, histograms)
Determine when and how to perform REBIND (APCOMPARE and APREUSE)
Describe DB2 interaction with WLM (distributed, stored procedures, user-defined functions, RRS)
Interpret traces (statistics, accounting, performance) & explain the performance impact of different DB2 traces
Identify and respond to critical performance metrics (excessive I/O wait times, lock-latch waits and CPU waits; deadlocks, timeouts, RID failures)
Review and tune SQL (access paths, EXPLAIN tables, awareness of query transformation and predicate processing, use of Virtual Indexes)
Dynamic SQL Performance (DSN_STATEMENT_CACHE_TABLE, parameter markers, literal replacement, REOPT)
Design features for performance (hash row access, inline LOBs)
Knowledge of controlling access paths (SYSSTATSFEEDBACK table, SYSQUERY)

Section 5 - Installation and Migration / Upgrade (7%)
Knowledge and understanding of the critical ZPARMs (database-, object- and application-oriented, application compatibility - no DDF)
Identify and explain Datasharing components and commands
Knowledge of pre-migration checklists
Knowledge of catalog and directory (new tables, change tables, new objects)

Section 6 - Additional Database Functionality (10%)
Knowledge of SQL constructs (temporal, archive, table functions, built-in scalar functions, recursive, common table expresssions)
Knowledge of SQL/PL (Array data type, new array data type functions, functions and procedures)
Knowledge of SQL/XML (results database, XML functions, cross loader with XML, xpath expressions, FLWOR, pattern matching and regular expressions)
Knowledge of Stored Procedures (native, external, autonomous, ziip considerations)
Knowledge of User-defined functions (scalar functions, table functions, SQL/external functions)
Knowledge of global variables (in stored procedures, in SQL/PL, distributed considerations)

Section 7 - Distributed Access (7%)
Implementing distributed data access (communications database)
Knowledge of ZPARMs (for DDF)
Knowledge of DDF setup (DB2 Connect, Client, Drivers, profile tables, RLMT)
Understanding and implementing distributed data access (perf settings for DDF access)

IBM Certified Database Administrator - DB2 11 DBA for z/OS

Job Role Description / Target Audience
The IBM Certified Database Administrator is the lead database administrator (DBA) for the DB2 product on the z/OS operating system. This individual has significant experience as a DBA and extensive knowledge of DB2, specifically the new features and functionality related to version 11. This person is capable of performing the intermediate to advanced tasks related to database design and implementation, operation and recovery, security and auditing, performance, and installation and migration/upgrades specific to the z/OS operating system.

QUESTION 1
Given this statement:
RUNSTATS TABLESPACE DB1 TS1 RESET ACCESSPATH HISTORY ACCESSPATH
Which statement is FALSE?

A. It resets all real-time statistics (RTS) for DB1TS1.
B. It resets all access path statistics for DB1TS1 in the catalog.
C. It invalidates the dynamic statement cache for table space DB1TS1.
D. It externalizes current access paths statistics for DB1 TS1 to HIST catalog tables.

Answer: C

Explanation:

QUESTION 2
What is the least disruptive way of externalizing real-time statistics for table space DB1TS1?

A. -SET LOG LOGLOAD(O)
B. -DISPLAY DB(DB1)SPACENAM(TS1)
C. RUNSTATS TABLESPACE DB1TS1
D. -ACCESS DB(DB1) SPACENAM(TSI) MODE(STATS)

Answer: C

Explanation:

QUESTION 3
Which statement is true for data in columns defined with data type XML?

A. Data stored in XML columns cannot be indexed.
B. It is possible to define the XML column with an INLINEJ.ENGTH.
C. You can partially UPDATE, DELETE from, and INSERT into an XML document.
D. If you want to change an existing XML document, you have to replace the whole document in the XML column.

Answer: C

Explanation:

QUESTION 4
Assuming you are the SYSADM, what is the effect of executing the EXPLAIN STMTCACHE ALL
statement?

A. The table DSN_STATEMENT_CACHE_TABLE table contains a row for each SQL statement in the Local Dynamic Statement Cache.
B. The PLAN_TABLE contains the access path of each SQL statement in the Local Dynamic Statement Cache.
C. The PLAN_TABLE contains the access path of each SQL statement in the Global Dynamic Statement Cache.
D. The table DSN_STATEMENT_CACHE_TABLE table contains a row for each SQL statement in the Global Dynamic Statement Cache.

Answer: D

Explanation:

QUESTION 5
Which two options can be specified in order to access a system-period temporal table for a
specific point in time guaranteeing accurate results?

A. A period-specification placed in the FROM clause of a subselect.
B. A period-specification placed in the WHERE clause of a subselect
C. A SELECT statement predicate against the transaction start ID of the base table.
D. A predicate against the start and end columns of the base table placed in the WHERE clause of a subselect.
E. A SET of the CURRENT TEMPORAL SYSTEM_TIME special register to a non-null value prior to a SELECT against the temporal table.

Answer: C,E

Explanation:
Posted by at No comments:
Labels: , , , , , , ,

Friday, March 10, 2017

200-125 CCNA Cisco Certified Network Associate Exam

Exam Number 200-125 CCNA
Associated Certifications CCNA Routing and Switching
Duration 90 Minutes (50-60 questions)
Available Languages English, Japanese

This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The Cisco Certified Network Associate (CCNA) Routing and Switching composite exam (200-125) is a 90-minute, 50–60 question assessment that is associated with the CCNA Routing and Switching certification. This exam tests a candidate's knowledge and skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Subscribe to Cisco Learning Network Premium and access the most comprehensive e-learning training, resources and tools you’ll need to prepare for your CCENT, CCNA and CCNP Routing and Switching certifications.

1.0 Network Fundamentals 15%

1.1 Compare and contrast OSI and TCP/IP models

1.2 Compare and contrast TCP and UDP protocols

1.3 Describe the impact of infrastructure components in an enterprise network

1.3.a Firewalls
1.3.b Access points
1.3.c Wireless controllers

1.4 Describe the effects of cloud resources on enterprise network architecture

1.4.a Traffic path to internal and external cloud services
1.4.b Virtual services
1.4.c Basic virtual network infrastructure

1.5 Compare and contrast collapsed core and three-tier architectures

1.6 Compare and contrast network topologies

1.6.a Star
1.6.b Mesh
1.6.c Hybrid

1.7 Select the appropriate cabling type based on implementation requirements

1.8 Apply troubleshooting methodologies to resolve problems

1.8.a Perform and document fault isolation
1.8.b Resolve or escalate
1.8.c Verify and monitor resolution

1.9 Configure, verify, and troubleshoot IPv4 addressing and subnetting

1.10 Compare and contrast IPv4 address types

1.10.a Unicast
1.10.b Broadcast
1.10.c Multicast

1.11 Describe the need for private IPv4 addressing

1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment

1.13 Configure, verify, and troubleshoot IPv6 addressing

1.14 Configure and verify IPv6 Stateless Address Auto Configuration

1.15 Compare and contrast IPv6 address types

1.15.a Global unicast
1.15.b Unique local
1.15.c Link local
1.15.d Multicast
1.15.e Modified EUI 64
1.15.f Autoconfiguration
1.15.g Anycast

2.0 LAN Switching Technologies 21%

2.1 Describe and verify switching concepts

2.1.a MAC learning and aging
2.1.b Frame switching
2.1.c Frame flooding
2.1.d MAC address table

2.2 Interpret Ethernet frame format

2.3 Troubleshoot interface and cable issues (collisions, errors, duplex, speed)

2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches

2.4.a Access ports (data and voice)
2.4.b Default VLAN

2.5 Configure, verify, and troubleshoot interswitch connectivity

2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN

2.6 Configure, verify, and troubleshoot STP protocols

2.6.a STP mode (PVST+ and RPVST+)
2.6.b STP root bridge selection

2.7 Configure, verify and troubleshoot STP related optional features

2.7.a PortFast
2.7.b BPDU guard

2.8 Configure and verify Layer 2 protocols

2.8.a Cisco Discovery Protocol
2.8.b LLDP

2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel

2.9.a Static
2.9.b PAGP
2.9.c LACP

2.10 Describe the benefits of switch stacking and chassis aggregation

3.0 Routing Technologies 23%

3.1 Describe the routing concepts

3.1.a Packet handling along the path through a network
3.1.b Forwarding decision based on route lookup
3.1.c Frame rewrite

3.2 Interpret the components of a routing table

3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort

3.3 Describe how a routing table is populated by different routing information sources

3.3.a Admin distance

3.4 Configure, verify, and troubleshoot inter-VLAN routing

3.4.a Router on a stick
3.4.b SVI

3.5 Compare and contrast static routing and dynamic routing

3.6 Compare and contrast distance vector and link state routing protocols

3.7 Compare and contrast interior and exterior routing protocols

3.8 Configure, verify, and troubleshoot IPv4 and IPv6 static routing

3.8.a Default route
3.8.b Network route
3.8.c Host route
3.8.d Floating static

3.9 Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.10 Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)

3.11 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.12 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub)

3.13 Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution)

3.14 Troubleshoot basic Layer 3 end-to-end connectivity issues

4.0 WAN Technologies 10%

4.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication

4.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication

4.3 Configure, verify, and troubleshoot GRE tunnel connectivity

4.4 Describe WAN topology options

4.4.a Point-to-point
4.4.b Hub and spoke
4.4.c Full mesh
4.4.d Single vs dual-homed

4.5 Describe WAN access connectivity options

4.5.a MPLS
4.5.b Metro Ethernet
4.5.c Broadband PPPoE
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)

4.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to peering and route advertisement using Network command only)

4.7 Describe basic QoS concepts

4.7.a Marking
4.7.b Device trust
4.7.c Prioritization
4.7.c. [i] Voice
4.7.c. [ii] Video
4.7.c. [iii] Data
4.7.d Shaping
4.7.e Policing
4.7.f Congestion management

5.0 Infrastructure Services 10%

5.1 Describe DNS lookup operation

5.2 Troubleshoot client connectivity issues involving DNS

5.3 Configure and verify DHCP on a router (excluding static reservations)

5.3.a Server
5.3.b Relay
5.3.c Client
5.3.d TFTP, DNS, and gateway options

5.4 Troubleshoot client- and router-based DHCP connectivity issues

5.5 Configure, verify, and troubleshoot basic HSRP

5.5.a Priority
5.5.b Preemption
5.5.c Version

5.6 Configure, verify, and troubleshoot inside source NAT

5.6.a Static
5.6.b Pool
5.6.c PAT

5.7 Configure and verify NTP operating in a client/server mode

6.0 Infrastructure Security 11%

6.1 Configure, verify, and troubleshoot port security

6.1.a Static
6.1.b Dynamic
6.1.c Sticky
6.1.d Max MAC addresses
6.1.e Violation actions
6.1.f Err-disable recovery

6.2 Describe common access layer threat mitigation techniques

6.2.a 802.1x
6.2.b DHCP snooping
6.2.c Nondefault native VLAN

6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering

6.3.a Standard
6.3.b Extended
6.3.c Named

6.4 Verify ACLs using the APIC-EM Path Trace ACL analysis tool

6.5 Configure, verify, and troubleshoot basic device hardening

6.5.a Local authentication
6.5.b Secure password
6.5.c Access to device
6.5.c. [i] Source address
6.5.c. [ii] Telnet/SSH
6.5.d Login banner

6.6 Describe device security using AAA with TACACS+ and RADIUS

7.0 Infrastructure Management 10%

7.1 Configure and verify device-monitoring protocols

7.1.a SNMPv2
7.1.b SNMPv3
7.1.c Syslog

7.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA

7.3 Configure and verify device management

7.3.a Backup and restore device configuration
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
7.3.c Licensing
7.3.d Logging
7.3.e Timezone
7.3.f Loopback

7.4 Configure and verify initial device configuration

7.5 Perform device maintenance

7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
7.5.b Password recovery and configuration register
7.5.c File system management

7.6 Use Cisco IOS tools to troubleshoot and resolve problems

7.6.a Ping and traceroute with extended option
7.6.b Terminal monitor
7.6.c Log events
7.6.d Local SPAN

7.7 Describe network programmability in enterprise network architecture

7.7.a Function of a controller
7.7.b Separation of control plane and data plane
7.7.c Northbound and southbound APIs

QUESTION: No: 1
Which layer in the OSI reference model is responsible for determining the availability of the receMng
program and checking to see if enough resources exist for that communication?

A. transport
B. network
C. presentation
D. session
E. application

Answer: E

QUESTION: No: 2
Which of the following describes the roles of devices in a WAN? (Choose three.)

A. A CSU/DSU terminates a digital local loop.
B. A modem terminates a digital local loop.
C. A CSU/DSU terminates an analog local loop.
D. A modem terminates an analog local loop.
E. A router is commonly considered a DTE device.
F. A router is commonly considered a DCE device.

Answer: A, D, E
QUESTION: No: 3
A network interface port has collision detection and carrier sensing enabled on a shared twisted pair
network. From this statement, what is known about the network interface port?

A. This is a 10 Mb/s switch port.
B. This is a 100 Mb/s switch port.
C. This is an Ethernet port operating at half duplex.
D. This is an Ethernet port operating at full duplex.
E. This is a port on a network interface card in a PC.

Answer: C

QUESTION: No: 4
A receMng host computes the checksum on a frame and determines that the frame is damaged. The
frame is then discarded. At which OSI layer did this happen?

A. session
B. transport
C. network
D. data link
E. physical

Answer: D
QUESTION: No: 5
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two.)

A. The transport layer dMdes a data stream into segments and may add reliability and flow control
information.
B. The data link layer adds physical source and destination addresses and an FCS to the segment.
C. Packets are created when the network layer encapsulates a frame with source and destination host
addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control information to a
segment.
E. The presentation layer translates bits into voltages for transmission across the physical link.

Answer: A, D

Posted by at No comments:
Labels: , , , , , , ,

Thursday, February 2, 2017

C2020-021 IBM OpenPages Developer

Test information:
Number of questions: 60
Time allowed in minutes: 90
Required passing score: 65%
Languages: English

Related certifications:
IBM Certified Developer - OpenPages

The IBM OpenPages Developer exam will certify that the successful candidate has the fundamental knowledge to participate as an effective team member in the implementation of IBM OpenPages Platform and components for a customer solution.

OpenPages Overview (16%)
Identify the purpose of OpenPages
Identify the technology stack overview
Describe how to customize OpenPages
Describe the OpenPages user interface

Data Model (18%)
Describe the object model rules
Describe the Business Entity structure
Identify Core Data Model Spine
Describe how to manage objects and associations
Describe administrative configuration concepts (e.g., dependencies, views, objects, fields)

Security Model (17%)
Identify roles and role-based security models
Demonstrate knowledge of Security Access Control Permissions
Demonstrate knowledge of security domains
Describe role assignments and how to assign access for users
Identify user and group configurations
Describe security rules

Profile Configuration (18%)
Identify field behavior
Describe views
Describe AFCON concepts

OpenPages GRC Features and Functions (20%)
Describe triggers
Identify UI Extensions / Helpers / Utilities (JSPs)
Identify Computed Fields and Reporting Fragment Configuration
Identify import/export methods

OpenPages Implementation Process (11%)
Identify the implementation phases (BASIM)
Identify environment migration

Job Role Description / Target Audience
The IT Consultant (also known as the Consulting Engineer) will write reports and programs (this exam is not intended for report writers), implement solutions for OpenPages GRC platform deployments, deliver high-quality technical deliverables and might be called upon to assist with the development of a Statement Of Work (SOW). The candidate will also participate in the OpenPages community via knowledge sharing, best practice documentation and training.

To achieve the IBM Certified Developer - OpenPages certification, candidates must possess the skills identified under Recommended Prerequisite Skills, if any, and pass one (1) test.

Click the test link below to see the overview, objectives, and test preparation recommendations.

Recommended Prerequisite Skills
Prior to your preparation for this certification, the following knowledge and skills are recommended and assumed (but not tested) :

Intermediate to advanced competency in Microsoft Excel.
Intermediate to advanced competency in J2EE web-based platforms.
Intermediate to advanced commercial programming experience in HTML, JSP, XML and Java, using OO concepts, SQL, Java script.

Requirements
This certification requires 1 test(s).

Test(s) required:
Click on the link(s) below to see test details, test objectives, suggested training and sample tests.
Test C2020-021 - IBM OpenPages Developer
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)