Tuesday, 28 June 2016

600-212 SPLTE Implementing Cisco Service Provider Mobility LTE Networks (SPLTE)

Exam Number: 600-212 SPLTE
Associated Certifications: Cisco Service Provider Mobility CDMA to LTE Specialist; Cisco Service Provider Mobility UMTS to LTE Specialist
Duration: 90 Minutes (55-65 questions)
Available Languages: English
Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

This exam tests a candidate's knowledge of the skills required to understand and implement technologies, components, architecture fundamentals and products that are found in common LTE networks. The exam includes information on the evolved packet core components and their role in the LTE Evolved Packet System (EPS), including the Evolved Packet Core network as well as the Radio Access Network (RAN). The exam also includes information on standardized technologies that are implemented on the Mobility Management Entity (MME), Serving Gateway (SGW) and Packet Data Network Gateway (PGW), and their interaction with authentication, charging, and billing components in the network of the mobile operator, as well as configuration details of how these components are implemented on the Cisco ASR 5000 Series system.

Recommended Training

Implementing Cisco Service Provider Mobility LTE Networks – (SPLTE)

Courses listed are offered by Cisco Learning Partners—the authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. For a list of Cisco Learning Partners, use the Learning Partner Locator.

The Implementing Cisco LTE Packet Core Networks (600-212 SPLTE) exam is a 90-minute, 65–75 question assessment within Cisco's Service Provider Specialist certification. This exam is a requirement in order to attain either the Cisco Service Provider Mobility UMTS to LTE Specialist certification or the Cisco Service Provider Mobility CDMA to LTE Specialist certification. Candidates can prepare for this exam by taking the Implementing Cisco Service Provider Mobility LTE Networks (SPLTE) v1.0 training course.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 LTE 5%

1.1 Describe and differentiate LTE / SAE architecture

1.2 Explain attach procedure and call flow

2.0 MME (4G LTE) 16%

2.1 Network functions LTE-MME

2.1.a Identify key functions of the MME and basic understanding of architecture and interfaces
2.1.b Describe MME states of MM and CM management
2.1.c Describe protocol stacks and procedures
2.1.d Describe mobility management signaling and call flows
2.1.e Describe session management signaling and call flows
2.1.f Describe location management signaling and call flows
2.1.g Describe SGS procedures and signaling call flows
2.1.h Describe intra-MME handovers procedure
2.1.i Describe intra-RAT handovers procedure
2.1.j Describe inter-MME handover procedures

2.2 QoS architecture

2.2.a Describe the overall QoS functionality in LTE for single and multi-PDN
2.2.b Describe the QoS mapping from UMTS to LTE

2.3 Configurations

2.3.a Configure S1 interface with corresponding services and system parameters
2.3.b Configure S6a interface with corresponding services and system parameters
2.3.c Configure S11 interface with corresponding services and system parameters
2.3.d Configure S13 interface with corresponding services and system parameters
2.3.e Identify and implement gateway selection mechanisms
2.3.f Identify and implement MME operator policy and feature sets
2.3.g Troubleshoot configurations

2.4 Network sharing


2.4.a Describe MOCN architecture
2.4.b Describe GWCN architecture

2.5 Security

2.5.a Describe LTE security principles for MME network node
2.5.b Explain security functions for mobility management procedures

2.6 Idle mode signaling reduction

2.6.a Identify IDLE mode signaling reduction in an LTE network
2.6.b Describe IDLE mode signaling establishment
2.6.c Describe IDLE mode signaling reduction deactivation

2.7 CSFB

2.7.a Describe CSFB architecture in LTE network
2.7.b Describe CSFB call flow and signaling

2.8 IPv6 support

2.8.a Configure IPv6 and dual stack EPS bearer scenarios
2.8.b Configure and implement transport plane IPv6 support for MME

3.0 SGW (4G LTE) 10%

3.1 Network functions LTE-SGW

3.1.a Identify key functions of the SGW and basic understanding of architecture and interfaces
3.1.b Describe SGW attach procedures and call flows
3.1.c Configure S1-U interface with corresponding services and system parameters
3.1.d Configure S5/S8 using PMIP/GTP interface with corresponding services and system parameters
3.1.e Configure S11 interface with corresponding services and system parameters

3.2 Feature functionality and extended application

3.2.a Describe multi-PDN support for SGW
3.2.b Describe downlink delay notification for SGW
3.2.c Describe idle mode signaling reduction support for SGW
3.2.d Configure and implement IPv6 support for SGW

3.3 Internetworking between LTE and other technologies

3.3.a Describe interaction with CDMA/eHRPD internetworking
3.3.b Describe interaction with GSM/UMTS internetworking
3.3.c Configure S4 interface with corresponding services and system parameters
3.3.d Configure S12 interface with corresponding services and system parameters
3.3.e Configure S103 interface with corresponding services and system parameters

3.4 Charging

3.4.a Configure Gx interface with corresponding services and system parameters

3.5 QoS

3.5.a Describe QoS bearer management and marking for SGW
3.5.b Configuring DSCP marking for SGW

4.0 PGW (4G LTE/EHRPD) 15%

4.1 Architecture overview

4.1.a Identify key functions of the PGW and basic understanding of architecture and interfaces

4.2 Implement S5/S8 and Gn/Gp interface

4.2.a Describe GTP protocol
4.2.b Describe mobility management/session management call flows
4.2.c Describe QoS in EPC
4.2.d Configure S5/S8 interface with corresponding services and system parameters
4.2.e Troubleshoot S5/S8 and Gn/Gp

4.3 APN

4.3.a Describe the various IP address allocation mechanisms
4.3.b Describe the concept of virtual APNs
4.3.c Configure APNs and virtual APNs with corresponding service and system parameters
4.3.d Configure IP source address validation and access control list
4.3.e Troubleshoot APN

4.4 Implement Gx interface

4.4.a Describe the important diameter AVPs needed for Gx
4.4.b Describe basic Gx call flows
4.4.c Configure Gx interface with corresponding services and system parameters
4.4.d Troubleshoot Gx interface
4.4.e Describe the common policy use cases
4.4.f Configure failure handling modes
4.4.g Configure usage monitoring over Gx

4.5 Implement Gy interface

4.5.a Describe the important diameter AVPs needed for Gy
4.5.b Describe the basic Gy call flows
4.5.c Configure Gy interface with corresponding services and system parameters
4.5.d Troubleshoot Gy interface
4.5.e Configure failure handling modes
4.5.f Describe OCS selection based on static configuration
4.5.g Describe RADIUS attributes and PCRF out-of-quota redirection handling

4.6 Implement AAA Interface

4.6.a Describe the basic AAA authentication and accounting call flows
4.6.b Describe the important RADIUS attributes for authentication and accounting
4.6.c Configure RADIUS interface with corresponding services and system parameters
4.6.d Troubleshoot RADIUS interface

4.7 Implement S6b interface

4.7.a Describe the important diameter AVPs needed for S6b
4.7.b Describe the basic S6b call flows
4.7.c Configure S6b interface with corresponding services and system parameters
4.7.d Troubleshoot S6b interface

4.8 Interworking with non-3GPP access networks

4.8.a Configure S2a interface with corresponding services and system parameters
4.8.b Configure S2b interface with corresponding services and system parameters
4.8.c Configure S2c interface with corresponding services and system parameters
4.8.d Configure LMA functionality on a PGW
4.8.e Configure non-3GPP IRAT handovers
4.8.f Troubleshoot S2b and S2c interfaces

4.9 SGi Interface

4.9.a Configure and implement various IP transport types
4.9.b Configure and implement static and dynamic routing protocols

5.0 Voice Over LTE 20%

5.1 VoLTE application messages/protocols

5.1.a Describe VoLTE specific diameter interface
5.1.b Describe XCAP, LDAP, SPML
5.1.c Describe CAMEL, CAP, INAP, SOAP, MSML

5.2 Voice over LTE architecture

5.2.a Describe voice evolution in mobile network
5.2.b Identify VoLTE system architecture and functions of network elements

5.3 Network elements in voice over LTE

5.3.a Describe CSCF
5.3.b Describe ENUM
5.3.c Describe MNP — mobile number portability/database
5.3.d Describe telephony application server
5.3.e Describe DRA/DEA
5.3.f Describe HSS
5.3.g Describe PCRF
5.3.h Describe ATCF, ATGW
5.3.i Describe MRF
5.3.j Describe and understand OSS and BSS

5.4 QoS

5.4.a Describe QoS in EPS
5.4.b Describe end-to-end QoS in VoLTE

5.5 Interfaces and signaling messages

5.5.a Configure Gx interface and signaling
5.5.b Design Rx interface and signaling
5.5.c Implement Cx interface and signaling
5.5.d Describe ISC interface and signaling
5.5.e Describe Ut interface

5.6 End-to-end call flow

5.6.a Describe IMS client attach to EPC
5.6.b Describe P-CSCF discovery
5.6.c Describe IMS registration, re-registration and de-registration
5.6.d Describe mobile-originated VoLTE call
5.6.e Describe mobile-terminated VoLTE call
5.6.f Describe emergency VoLTE call

5.7 Supplementary services

5.7.a Describe IR.92 supplementary service overview
5.7.b Describe IR.94 supplementary service overview
5.7.c Describe important services call flows

5.8 VoLTE Interworking

5.8.a Describe PSTN interworking
5.8.b Describe IMS/SIP interworking
5.8.c Describe e-SRVCC

6.0 Other Interfaces 5%

6.1 AAA/diameter related interfaces

6.1.a Describe SWx interface
6.1.b Describe S9 interface
6.1.c Describe Sp interface

6.2 HRPD related interfaces

6.2.a Describe S101
6.2.b Describe S103

7.0 Charging 13%

7.1 Offline charging service

7.1.a Describe offline charging architecture
7.1.b Explain the GTPP protocol header and messages
7.1.c Explain charging data record transport through GTP'
7.1.d Compare and contrast GTPP transfer scenarios
7.1.e Describe and differentiate mobility records generated by MPC nodes
7.1.f Identify and list conditions for record closure and generation
7.1.g Explain Rf offline charging scenarios
7.1.h Identify and list offline charging error cases
7.1.i Configure for offline billing
7.1.j Troubleshoot for offline billing

8.0 Lawful Intercept 5%

8.1 Describe lawful intercept architecture and events

8.2 Configure lawful interception

8.3 Describe lawful intercept trigger element

9.0 Management Protocols 11%

9.1 TACACS

9.1.a Describe admin authentication and command authorization methods
9.1.b Configure Local administration levels
9.1.c Configure external authentication TACACS servers

9.2 Performance counters/statistics

9.2.a Describe the various performance counters
9.2.b Describe the collection and processing of performance counters
9.2.c Describe the common KPIs for various MPC nodes
9.2.d Configure counters and KPIs

9.3 Fault management

9.3.a Describe SNMP protocols, alarms, notification and MIBs
9.3.b Configure SNMP traps, filters and thresholds

9.4 syslog/events Log

9.4.a Describe system log formats and filters
9.4.b Configure syslog servers and event logs

9.5 Security

9.5.a Describe user access control

9.6 NTP

9.6.a Describe system timing
9.6.b Configure NTP servers, system clock, time zone and timestamps

QUESTION 1
Which three options are valid functions performed by Mobility Management Entity? (Choose three.)

A. Header compression and user plane ciphering
B. PDN GW and Serving GW selection
C. Tracking area list management
D. User plane packet forwarding and routing
E. UE IP address allocation
F. NAS signaling

Answer: B,C,F

QUESTION 2
Which two radio technologies are used in LTE? (Choose two.)

A. OFDMA
B. MIMO
C. TDMA
D. EV-DO
E. VOR
F. DME

Answer: A,B

QUESTION 3
Which parameter provides support of radio resource management by the MME across the S1 interface?

A. RFSP index
B. relative MME capacity
C. GUTI
D. OLD-GUTI

Answer: A

QUESTION 4
Which two transport protocols can be used for the S6a interface? (Choose two.)

A. SCTP
B. TCP
C. UDP
D. FCP
E. RDP

Answer: A,B

QUESTION 5
Which two statements apply during the attach procedure on an MME? (Choose two.)

A. The attach procedure provides an always-on IP connectivity to the subscriber.
B. Multiple default bearers can be established during the attach procedure.
C. A dedicated bearer can also be established during the attach procedure.
D. The additional GUTI value in the attach request is derived from a PTMSI.
E. The attach request is always integrity protected.

Answer: A,C

Friday, 17 June 2016

600-199 SCYBER Securing Cisco Networks with Threat Detection and Analysis

Exam Number: 600-199 SCYBER
Associated Certifications: Cisco Cybersecurity Specialist
Duration: 60 minutes (50 - 60 questions)
Available Languages: English
Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

This exam is aimed at testing the knowledge and skills required to proactively detect and mitigate network security threats by leveraging features that exist in Cisco and other industry network security products today. Designed for professional security analysts, the exam covers essential areas of competency, including event monitoring, security event/alarm/traffic analysis, and incident response.

The following course is the recommended training for this exam.

Securing Cisco Networks with Threat Detection and Analysis
Courses listed are offered by Cisco Learning Partners, the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the List of Learning Partners for the Cisco Learning Partner nearest you.

Exam Description
The Securing Cisco Networks with Threat Detection and Analysis (SCYBER) exam is the exam associated with the Cisco Cybersecurity Specialist certification.

1.0 Information Gathering and Security Foundations 13%
1.1 Describe basic network topologies, application architecture, and host configuration standards
1.2 Identify the services a network and security operations center offers to an organization
1.3 Describe traditional hacking techniques
1.4 Describe basic operational procedures and incident response processes of a security operations center
1.5 Describe basic network security events
1.6 Describe mission-critical network traffic and functions, applications, services, and device behaviors
1.7 Describe corporate security policies
1.8 Describe the role of a network security analyst
1.9 Describe the primary sources of data on vendor vulnerabilities, current threats, exploits, and active attacks
1.10 Describe how vulnerability, attack, and threat data impact operations
1.11 Describe the baseline of a network profile
1.12 Describe correlation baselines (use NetFlow output to validate normal traffic vs. non-normal)
1.13 Describe security around local business process and infrastructure and applications
1.14 Describe risk analysis mitigation

2.0 Event Monitoring 16%
2.1 Describe the various sources of data and how they relate to network security issues
2.2 Monitor the collection of network data as it relates to network security issues
2.3 Monitor and validate health state and availability of devices
2.4 Monitor DNS query log output (monitor telemetry data to validate devices)
2.5 Identify a security incident (single or recurrent)
2.6 Describe the best practices for evidence collection and forensic analysis
2.7 Describe the different types and severity of alarms and events

3.0 Security Events and Alarms 16%
3.1 Identify and dismiss false positive indicators correctly
3.2 Describe event correlation within the context of the various alarms and corporate infrastructure architecture
3.3 Assess traffic and events in relation to stated policies
3.4 Identify actionable events
3.5 Identify basic incident types
3.6 Describe event metrics and diagnostic procedures

4.0 Traffic Analysis, Collection, and Correlation 24%
4.1 Describe IP packet structures
4.2 Describe TCP and UDP header information
4.3 Analyze network traces or TCP dumps and trace back to actual activities
4.4 Describe packet analysis in IOS
4.5 Describe access packets in IOS
4.6 Acquire network traces
4.7 Configure packet capture

5.0 Incident Response 16%
5.1 Describe standard corporate incident response procedure and escalation policies
5.2 Identify necessary changes to enhance the existing procedure, policy, and decision tree
5.3 Describe the basic emergency mitigation of high-level threats, exploits, and vulnerabilities
5.4 Evaluate and recommend responses to vulnerabilities to ensure adequate monitoring response and mitigation
5.5 Assist level 2 incident response team to mitigate issues
5.6 Describe best practices for post-event investigation
5.7 Describe common legal and compliance issues in security event handling

6.0 Operational Communications 15%
6.1 Describe the communication vehicles related to post-threat remediation
6.2 Generate incident reports and interpret the information to determine the direction of the escalation
6.3 Describe the different types of available metrics and channel to appropriate personnel
6.4 Process incident handling communications and provide context awareness for stakeholders
6.5 Articulate details of problems to remediating teams (constituent-based groups)
6.6 Maintain awareness regarding vulnerabilities and the recommended critical security patches as a result from incident handling
6.7 Communicate recurring issues based on incident handling and provide recommendations for architectural changes or modifications and articulate
6.8 Describe the post-mortem process

QUESTION 1
Which network management protocol relies on multiple connections between a managed device and the management station where such connections can be independently initiated by either side?

A. SSH
B. SNMP
C. Telnet
D. NetFlow

Answer: B

QUESTION 2
When an IDS generates an alert for a correctly detected network attack, what is this event called?

A. false positive
B. true negative
C. true positive
D. false negative

Answer: C

QUESTION 3
When is it recommended to establish a traffic profile baseline for your network?

A. outside of normal production hours
B. during a DDoS attack
C. during normal production hours
D. during monthly file server backup

Answer: C

QUESTION 4
Which two activities would you typically be expected to perform as a Network Security Analyst? (Choose two.)

A. Verify user login credentials.
B. Troubleshoot firewall performance.
C. Monitor database applications.
D. Create security policies on routers.

Answer: B,D

QUESTION 5
Which protocol is typically considered critical for LAN operation?

A. BGP
B. ARP
C. SMTP
D. GRE

Answer: B

Wednesday, 8 June 2016

500-275 SSFAMP Securing Cisco Networks with Sourcefire FireAMP Endpoints (SSFAMP)


QUESTION 1
The FireAMP connector monitors the system for which type of activity?

A. vulnerabilities
B. enforcement of usage policies
C. file operations
D. authentication activity

Answer: C

QUESTION 2
Which disposition can be returned in response to a malware cloud lookup?

A. Dirty
B. Virus
C. Malware
D. Infected

Answer: C

QUESTION 3
The FireAMP Mobile endpoint connector currently supports which mobile OS device?

A. Firefox
B. HTML5
C. Android
D. iPhone

Answer: C

QUESTION 4
If a file's SHA-256 hash is sent to the cloud, but the cloud has never seen the hash before, which disposition is returned?

A. Clean
B. Neutral
C. Malware
D. Unavailable

Answer: B

QUESTION 5
Which statement describes an advantage of the FireAMP product?

A. Signatures are pushed to endpoints more quickly than other antivirus products.
B. Superior detection algorithms on the endpoint limit the amount of work the cloud must perform.
C. It provides enterprise visibility.
D. It relies on sandboxing.

Answer: C

Friday, 3 June 2016

Cisco & IBM are taking IoT analytics to the edge

The companies are bringing some smarts from IBM's Watson platform to Cisco edge devices

The Internet of Things is no good without a way to act on the data it generates. A new partnership between two of the biggest IoT players promises to put smart collection and advanced analysis of data right where it’s needed.

IBM and Cisco Systems have worked out how to run components of IBM’s Watson IoT analytics on Cisco edge devices. This will bring more intelligence closer to where the action is, helping enterprises run things like factories and oil rigs more efficiently.

In 2014, Cisco unveiled small routers and switches that could be embedded in facilities and vehicles located far from any data center. The devices could take in data from local sensors and analyze it on site with a small, built-in Linux computer. Among other things, this "fog computing" system could decide what data was interesting enough to send to the cloud and what could just be thrown away.

Cisco also included a way to make other analytics platforms work on the data. Watson was an obvious candidate. The partnership with IBM is a big step toward making the IoT edge more intelligent and linking it to powerful cloud-based analytics, said Mike Flannagan, Cisco vice president of data and analytics.

One thing the companies can do is to give edge devices Watson’s own smarts about what data points to send to the Watson cloud for long-term business insights. In addition, the Watson software can do some analytics without sending the information out to the cloud.

Enterprises want to see companies like Cisco and IBM working together on IoT, IDC analyst Vernon Turner said. In a field that’s still highly fragmented among various standards and solutions, cooperation between two big vendors that are already in the mix at many enterprises should help make things easier.

IBM, which has a vast set of offerings in IoT, may go from here to integrate more of those with Cisco in the future, MachNation analyst Steve Hilton said. More cooperation should help drive more IoT deployments, which scare off some enterprises because they fear the hassles of implementation.

The Cisco-IBM integration is available now, and some enterprises are already using it. The Port of Cartagena, in Colombia, has thousands of IoT devices collecting data about things like cranes, vehicles, and shipping containers. The port wanted to apply Watson analytics to the data from those devices, and it turned out that crunching the numbers nearer to the sensors was more effective than sending it all to on-site data centers or the cloud.

Analytics at the edge gives the port quicker reaction times, more efficient use of data and networks, and better dollar value per IoT device, IBM Watson IoT General Manager Chris O’Connor said.

The partnership isn’t exclusive for Cisco or IBM, and there’s nothing stopping enterprises and system integrators from combining the companies’ technologies themselves. But by doing the integration and verification work, Cisco and IBM say they’ll save customers a lot of time and effort.

In addition to the purpose-built IoT devices, Watson can be integrated into many other Cisco products, including ISRs (Integrated Services Routers) and UCS (Unified Computing System) servers.