Network Engineering

LEVEL 1-2 (Associate-Intermediate):
A+|MTA Networks|MTA Security|MTA Servers
Network+|Security+|Cloud+|Storage+|Linux Essentials
CCNA RnS|JNCIA-JUNOS|CCNA Security|CCNA Collaboration|CCNA Wireless|CCNA SP|CCNA DC|CCDA|ITIL|MCSA(Server 2012)|VCA-DCV|VIRL|GNS3

LEVEL 2-3 (Intermediate-Expert):
LPIC1|LPIC2|F5|Checkpoint|Palo Alto|Wireshark|VCP-DCV|CEH(Penetration Testing)|Solarwinds|Nagios|PRTG|Cacti|Kiwi Syslog|Netflow
CCPD|CCNP RnS|JNCIS-ENT|JNCIP-ENT|JNCIS-SP|JNCIP-SP|JNCIS-Security|JNCIP-Security|CCNP SP|CCNP Security|CCNP DC|CCNP Collaboration|CCNP Wireless|HP|Meraki|Aruba|Aerohive|Meru|Ruckus|CISSP

LEVEL 3-4 (Expert-Advanced):
CCDE|CCIE RnS|CCIE SP|CCIE Security|CCIE DC|CCIE Collaboration|CCIE Wireless|JNCIE-ENT|JNCIE-SP|JNCIE-Security

CCNA/CCNP/CCIE (wr and LAB) RnS Prep

CCIE LAB RnS Blueprint: 
http://www.cisco.com/web/learning/exams/docs/ccieRS_Lab5.pdf

CCIE RnS Final Revision/Prep Notes/Commands extracted from all the studied material below*: 
https://networkengineer.me/category/ccna-ccnp-rns/

CBT Nuggets (CCNA/CCNP/CCIE): 
http://www.cbtnuggets.com

INE Videos and Woorkbooks (CCNA/CCNP/CCIE) (Recommended): 
http://www.ine.com

Books:
How to Master CCNA by Molenaar, René
How to Master CCNP SWITCH by Molenaar, René
How to Master CCNP ROUTE by Molenaar, René
How to Master CCNP TSHOOT by Molenaar, René
CCIE Routing and Switching V5.1 Foundations: Bridging the Gap Between CCNP and CCIE (Practical Studies) by Narbik Kocharians

Reference Guides for Revision:
CCNA portable command guide
CCNP portable command guide
Quick Reference Guides for CCNA, CCNP SWITCH, CCNP ROUTE, CCNP TSHOOT and CCIE

Forums:
http://certcollection.org/forum/

CCIE Hall Of Fame:  http://cciehof.com

Cisco VIRL (INE ATC LABs):
http://virl.cisco.com/

 

Cisco ASAV 9.2 VMware and ASDM 722 integrated with GNS3

 

Cisco VIRL (Virtual Internet Routing Lab)

List of supported features for IOSv:
802.1Q, AAA, ACL, BGP, DHCP, DNS, EEM, EIGRP, EoMPLS, Flex Netflow + TNF, GRE, ICMP, IGMP, IP SLA, IPSec, IPv6, ISIS, L2TPv3, MPLS, MPLS L2VPN, MPLS L3VPN, MPLS TE, Multicast, NAT, NTP, OSPF, PfR, PIM, PPPoE, RADIUS, RIP, SNMP, SSH, SYSLOG, TACACS, TFTP, VRF-LITE
Features likely to work for IOSv:
HSRP, VRRP, GLBP, EZVPN, QoS, LISP, ZBFW, Performance Monitor• Read more for IOSv: https://learningnetwork.cisco.com/docs/DOC-30469List of supported features for IOSvL2:
Layer-2 forwarding (auto-config’d), Switchport (auto-config’d), 802.1q trunk, 802.1q VLANs (auto-config’d), Spanning Tree (auto-config’d), Port-Channel (Pagp and Lacp), 802.1x passthrough, Port-ACLs, Dynamic Arp Inspection, DHCP Snooping, IP device tracking, Switched Virtual Interfaces, Layer-3 forwarding over SVIs, Routing protocol support, VTP v1-3, PVST, QoS, Inter-VLAN routing, VLAN Access Maps (VACLs / access control lists for VLANs), ACL functionality for both layer2 and layer3 protocol packets, Dynamic Trunking Protocol support, Switchport protected mode

• Read more for IOSvL2: https://learningnetwork.cisco.com/docs/DOC-30404

List of supported features for IOS-XRv:
IPv4, IPv6, BGP, MP-BGP, EIGRP, ICMP, OSPF, NTP, TFTP, MPLS, MPLS L3VPN, MPLS TE, ISIS, mVPN GRE / mLDP / P2MP TE, AAA, RADIUS, TACACS, SNMP, FLEX CLI, Multicast (PIM, MSDP, IPv6), Syslog, VLANs / QinQ (.1Q, .1AD), RPL, ACLs, SSH, VRF-LITE

• Read more for IOS-XRv:https://learningnetwork.cisco.com/docs/DOC-30449

List of supported features for NX-OSv:
802.1x, AAA, AMT, BGP, CDP/LLDP, EIGRP, FHRP-HSRP, GLBP, VRRP, ICMP, IGMP, IPv4, IPv4/6, IPv6, ISIS, L3 Routing Protocols, LDAP, LISP, MLD, MSDP, NTP, OSPF, PIM/PIM6, Radius, RIP, SNMP, Syslog, TACACS+, VRF, XML/Netconf, NX-API

• Read more for NX-OSv:https://learningnetwork.cisco.com/docs/DOC-30470

UPDATE 4/10/2016: NX-OSv (Titanium) – end of development
The NX-OSv virtual machine image that has been provided with VIRL is based on the Titanium development platform, using the NXOS operating system with a hardware model based on the NEXUS 7000-series platform.
The virtual machine provides Layer-3 and management-plane features taken from the 7.x.x version of the NXOS operating system. As many of you will be aware, Layer-2 switching functionality is not present in the image.
Development efforts in the NXOS operating system, are now strongly focused on moving to the next generation NXOS as implemented today on the NEXUS 9000-series platform. To that end, Layer-2 and Layer-3 feature development is aligned toward the next generation NXOS virtual machine platform. As a result, there are no plans to deliver Layer-2 switching features on the NX-OSv (Titanium) virtual machine platform.
The first virtual machine platform using the next generation NXOS operating system will be NXOSv9000, which is expected to be available on VIRL in late 2016.

List of supported features for CSR1000v:
802.1Q, AAA, ACL, BGP, DHCP, DNS, EEM, EIGRP, EoMPLS, Flex Netflow + TNF, GRE, ICMP, IGMP, IP SLA, IPSec, IPv6, ISIS, L2TPv3, MPLS, MPLS L2VPN, MPLS L3VPN, MPLS TE, Multicast, NAT, NTP, OSPF, PfR, PIM, PPPoE, RADIUS, RIP, SNMP, SSH, SYSLOG, TACACS, TFTP, VRF-LITE
Features likely to work for CSR1000v:
HSRP, VRRP, GLBP, EZVPN, QoS, LISP, ZBFW, Performance Monitor

• Read more for CSR1000v: http://www.cisco.com/c/en/us/products/routers/cloud-services-router-1000v-series/datasheet-listing.html

List of supported features for ASAv:

• Read more for ASAv: http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/asav/quick-start/asav-quick/intro-asav.html

ASA Quick Review

ASA Quick Review

CCNA RnS Subnetting_Commands_Notes

CCNA RnS Subnetting_Commands_Notes

Data-plane attacks and Mitigation Techniques

  1. CAM Table OverFlow Attack (DoS attack)(macof –i eth0): Port-Security
  2. DHCP Starvation Attack (DoS attack): Port-Security and Rate-limiting requests.
  3. DHCP Spoofing/Rogue DHCP Attack (Mitm attack): DHCP Snooping
  4. VLAN Hopping attack (negotiate trunk using DTP)(yersinia -G): set all the ports not connected to switches to no-negotiate and access ports, as by default they are set to negotiate i.e. ‘dynamic-auto’.

Also don’t use vlan1 as native vlan.

  1. Rogue Switch Attack (Switch Mitm i.e. becomes the root bridge): portfast and BPDU Guard (turned ON globally if the port is an access port)(shuts the port down).

BPDU Filter (Doesn’t allow BPDUs, but doesn’t shut the port down).

Root Guard (tell the switch that certain ports can’t be root ports i.e. if you are connected to legitimate switches).

  1. Arp Spoofing/ARP Poisoning attack (Gratuitous ARP) (Mitm attack): DAI (Dynamic Arp Inspection)

Different Cisco OS

Cisco has a whole bunch of different operating systems for a variety of products:

  • IOS runs on most Cisco routers and switches.
  • IOS XE is a more modern, modular version of IOS.
  • IOS XR runs on high-end routers.
  • NX-OS runs on the Nexus line of datacenter switches.
  • ASA OS runs on Cisco ASA devices.
  • AireOS runs on Access Points.

IPv4 Quick Subnetting

IPv4 Quick Subnetting

Quick Interview Review Cisco Commands

Quick Interview Review Cisco Commands

Basic Networking Commands (Revision Notes)

Basic Networking Commands (Revision Notes)

ITIL Quick reference

http://www.maatconsulting.com/pdfs/ITIL_2011_Edition_Quick_Reference_Guide.pdf

http://campus.itpreneurs.com/itpreneurs/LPEngine/ITIL/Additional%20Links/English/2011/Quick%20Reference%20Card.pdf

http://www.mountainview-itsm.com/itil-training/downloads/Mountainview_-_ITIL_V3_Process_Quick_Reference_v3.4_-_PDF_Version.pdf

https://www.tutorialspoint.com/itil/pdf/itil_quick_guide.pdf