As you can see, I have been blogging a lot less frequently. So when I decided to take some time to update a few blogs, I found an error trying to log in:
"Connection using old (pre-4.1.1) authentication protocol refused (client option 'secure_auth' enabled)"
Fortunately for me, my hosting company had upgraded the MySQL server and the password that makes the site work suddenly didn't (but glad security updates are being done automagically for me). For the technical information click the link - but in a nutshell the upgrade uses a longer hash. I went into the interface provided by the host and reset the password and the blogging login started working again. Just in case anyone else runs into it - I thought I would start with this info...
I've been using Win 10 for a while now. Still not fond of it, but I have adapted. As predicted, it is good for my family. The learning curve was not that steep and I was able to add shortcuts so that navigation is easy. Most users (not in IT) are going to use a small subset of programs - and most of what they do is email and browser based. It's only us geeks that try to do stuff like use a serial port (or a usb to serial adapter) and other such silly things. So all in all, the upgrade was not that painful.
I am still studying to take the CCIE Security Written again. I've done a ton of studying and I feel like I'm getting close to being able to take my next shot at it. I have learned a lot since that last attempt. One of the things I realized is that the test is _adaptive_ (ugh). I must have missed something early on regarding IPv6 - since it seemed like there were a ton of those questions. Yes, it was a weak area - since none of the businesses in this area use IPv6, so I don't have a lot of experience with it. But the adaptive nature of some exams will find that weakness and hammer it. So I have been working on that area. There is a lot of material to cover and since I last took the exam - it has changed versions. So NOW I have to add the "Evolving Technologies" to the study list. This is good and bad. The good part is that this section is on all the CCIE exams now (all tracks). So you learn it once and it applies multiple times. The bad part is that this is new technology and (just like the Security track) it has limited information available. I have had to cobble together resources to learn this stuff.
While I was researching and preparing for the CCIE Security Written exam, I noticed that my current Cisco certifications were quickly approaching the recertification date. Since my risk appetite is rather low... I paused my studies to recertify. It only takes one CCNP Security (or Route/Switch) test to recertify all the CCNP and CCNA level certs. My thoughts were to take one - which would at least cover / review part of the same Security information I was studying anyway. And again, I found that there were very few materials for this. I wanted to take the SENSS test since it focused more on firewalls, but found there were no books for it. I ended up taking the SISAS (and passing) since it had the most material available.
To prepare for the SISAS I used the Cisco Press Official Cert Guide, INE videos (23 hrs), AAA Identity Management Security book (Cisco Press), Cisco ISE for BYOD and Secure Unified Access (Cisco Press), Cisco Live webinars (they are archived online), Cisco Bring Your Own Device (BYOD) Networking LiveLessons [Cisco "livelessons" series on Safari Books ]( 5 hrs), and Cisco TrustSec LiveLessons [Safari Books] (5 hrs). Yes, this is what I consider an adequate amount of material for exam prep.
I really dislike that Cisco has exams that do not have a current Cisco Press book matching the exam. The Cisco Live presentations (from over a year ago) mention that a book is coming out soon - and the books mentioned are still not available while the exam continues to constantly update. How do they expect us to keep up with it if they can't keep up with it?
Oh, and while I was at it - I studied and recertified my Wireshark certification so I could focus on CCIE Security from now until I get it. So all my current credentials are updated and it is time to move forward. [Note: the videos alone are putting me well over the CPEs to keep the CISSP and Wireshark in good standing.]
One other thing I found in my travels that may be helpful to someone - FedVTE. There is a Federal Virtual Training Environment that is now open to all vets (not just current gov/mil personnel). It has a ton of free cybersecurity training on a wide range of topics. If you have a .gov or .mil address, you can sign up directly - FedVTE - or if you are a veteran, you have to take an extra step and verify your service on the Hire Our Heroes site to get access to FedVTE. Some of the training is a bit old (a few years), but most of it is teaching basic concepts that do not change. They have courses from CompTIA A+ to CISSP prep. Some of the classes have quizzes and some don't - but there is a "Transcript" area where you can keep track of your completed training (and print certificates of completion). If nothing else, it's a good place for free CPEs (if you qualify).
Posted by BlueWolf on October 9, 2016 01:19 AM