UK Cisco CCNA Training

If your search is for Cisco training and you haven’t worked with routers before, what you need is the CCNA. This training course was created to teach students with a commercial knowledge of routers. Big organisations who have various regional departments need routers to connect their networks in different buildings to allow their networks to keep in touch. The Internet also is based on huge numbers of routers.

Microsoft CCNA Certification, CCNA Training and over 2000+
Exams with Life Time Access Membership at http://www.actualkey.com

It’s vital that you already know a good deal about the operation and function of computer networks, as networks are connected to routers. Otherwise, you’ll probably struggle. Better to find a course teaching basic networking skills (for example Network+, perhaps with A+) before getting going with CCNA. Some companies will design a bespoke package for you.

The CCNA qualification is all you need at this stage – don’t be cajoled into attempting your CCNP for now. Once you’ve worked for a few years you will have a feel for if this next level is for you. If so, you’ll have a much better chance of succeeding – as your working knowledge will put everything into perspective.

Accredited exam simulation and preparation software is a must – and absolutely ought to be sought from your course provider.

Steer clear of depending on non-accredited preparation materials for exams. The way they’re phrased can be completely unlike authorised versions – and often this creates real issues when it comes to taking the real exam.

Practice exams are invaluable for confidence building – so much so, that at the real thing, you don’t get phased.

Many people don’t comprehend what information technology is all about. It’s stimulating, innovative, and means you’re a part of the huge progress of technology affecting everyones lives in the 21st century.

There are people who believe that the technological revolution we have experienced is easing off. This couldn’t be more wrong. We have yet to experience incredible advances, and the internet particularly will be the most effective tool in our lives.

And keep in mind that income in IT over Britain as a whole is much better than the national average salary, therefore you will be in a good position to gain considerably more once qualified in IT, than you’d get in most other industries.

With the IT marketplace emerging year on year, it’s looking good that the search for certified IT specialists will remain buoyant for the significant future.

A useful feature that many training companies provide is a programme of Job Placement assistance. The service is put in place to assist your search for your first position. Because of the massive need for more IT skills in Britain right now, it’s not too important to place too much emphasis on this feature however. It’s not as difficult as you may be led to believe to find the right work as long as you’ve got the necessary skills and qualifications.

One important thing though, avoid waiting until you’ve finished your training before updating your CV. As soon as your training commences, enter details of your study programme and place it on jobsites!

You’ll often find that you’ll land your initial job while you’re still a student (occasionally right at the beginning). If your course details aren’t on your CV (and it hasn’t been posted on jobsites) then you aren’t even in the running!

Generally, a specialist independent regional recruitment consultant or service (who will get paid by the employer when they’ve placed you) is going to give you a better service than a sector of a centralised training facility. Also of course they should know the local industry and employment needs.

A good number of trainees, so it seems, invest a great deal of time on their training course (for years sometimes), and then just stop instead of trying to get a job. Introduce yourself… Make an effort to let employers know about you. Don’t think a job’s just going to jump out in front of you.

You’ll come across courses which guarantee examination passes – inevitably that means paying for the exams before you’ve even made a start on the course. Before you get carried away with guaranteed exams, look at the following:

Of course it isn’t free – you’re still being charged for it – it’s just been wrapped up in the price of the package.

Qualifying on the first ‘go’ is what everyone wants to do. Going for exams one by one and paying as you go has a marked effect on pass-rates – you take it seriously and are mindful of the investment you’ve made.

Isn’t it outrageous to have to pay the training company at the start of the course for examinations? Hold on to your money and pay for the exam at the time, instead of paying any mark-up – and take it closer to home – rather than in some remote place.

Big margins are made by a number of companies that get money upfront for exam fees. A number of students don’t take them for various reasons but the company keeps the money. Believe it or not, there are companies around that rely on that fact – as that’s how they make a lot of their profit.

Additionally, you should consider what an ‘exam guarantee’ really means. Many training companies won’t be prepared to pay for re-takes until you can prove to them you’re ready to pass.

Exams taken at VUE and Prometric centres are approximately 112 pounds in Great Britain. Students should be very wary of forking out hundreds of pounds extra in fees for ‘exam guarantees’ (most often hidden in the package) – when a quality course, support and consistent and systematic learning, coupled with quality exam simulation software is what will really see you through.

How to bulletproof your website

'Tis the season to begin ramping up online shopping activity, and for retailers that means doing all they can to ensure their websites are up, highly available and able to handle peak capacity. Looming in many IT managers' minds is the cautionary tale of Target, whose website crashed twice this fall after it was inundated by an unprecedented number of online shoppers when the retailer began selling clothing and accessories from high-end Italian fashion company Missoni.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

"We are working around the clock to ensure that our site is operating efficiently and delivering an exceptional guest experience that's reflective of Target's brand,'' said a Target spokesperson in an email, but declined to give specifics on the measures the company has taken.

One company's hardship is often another company's gain, and those that face well-publicized failures tend to become de facto role models, retail industry watchers say. Take what happened to Best Buy in 2005: Its website experienced what some have called a catastrophic holiday failure and customers were unable to make online purchases. That same year, competitor Circuit City saw a huge spike in traffic, says Dave Karow, senior product manager of Web performance and testing at Keynote, a firm that monitors and tests mobile and Internet performance.

"There's nothing like falling flat on your face to give you the conviction to do right thing going forward. That was an extremely effective wakeup call for Best Buy,'' he says, adding that the retailer now conducts several load tests throughout the year.

Web retailers should be shooting for 99.5% availability, otherwise "they're not cutting it," Karow maintains. "Ninety-nine percent is not acceptable because if you achieve that, you're still one percent unavailable." That has a significant impact since it means more than one percent of potential transactions didn't occur -- and likely won't going forward, he says.

This holiday season, more than ever, Web retailers need to be prepared for the onslaught, since a growing number of consumers will be using mobile devices to shop. A report recently released by mobile ad network InMobi claims an estimated 60 million mobile users are planning to use their devices to shop during the Black Friday/Cyber Monday holiday weekend, with over 21 million intending to make purchases from those devices.
Prepare, test and review

Online shoe retailer Zappos conducts load testing early in the fall to ensure its site stays up and highly available during the holiday season, says Kris Ongbongan, senior manager, technical operations and systems engineering. Every year they follow the same procedure, he says: estimate load.

"We have our finance and planning departments give us sales predictions and we take a multiple of that to see what traffic we can absorb and test to that," typically beginning in September, Ongbongan says. That gives them enough time to make changes and add any necessary infrastructure.
Website uptime

Retailers should go through their transaction volume testing and validation in the September/October timeframe and then code lock their systems until about January 15th, suggests Michael Ebert, a partner in IT Advisory Services at KPMG. During that period, "retailers typically freeze their systems ... and don't do updates unless absolutely necessary to avoid performance issues,'' he says.

Another practice the very large Internet retailers tend to employ is having distributed networks in order to route traffic to make sure transactions are balanced around the U.S., Ebert says. That way, if one site gets too busy the customer will automatically be routed to another. "So make sure you have multiple points of your Internet presence around the U.S." A data center "may be slow to respond, but at least I'm up and running,'' he adds. "There's always a percentage of business you never regain if someone leaves the site."

Another metric that retailers need to be concerned with is latency, or the response time for how long it takes a page to load and for the payment transaction to be completed. "I expect we'll see some latency concerns" or other problems during the check-out step during this holiday season, predicts Greg Girard, program director, IDC Retail Insights. That's because there are throughput bottleneck issues at the gateway to the credit card processing network, he says.

"The micro-economic problem is that it costs money to maintain capacity that you utilize only at the peak time, which is only very infrequently during the year. It's an economical tradeoff you have to make."
Over-provisioning via cloud

For a lot of smaller online retailers, it's hard to justify the return on investment for increasing the capacity they need to handle 12 hours of peak usage on one day of the year, says Girard. "That's where cloud comes into play, and we're seeing some retailers adopt cloud strategies. That's really going to progress going forward." Retailers will be able to get additional peak capacity at an incremental cost by moving to the cloud, he says.

Zappos' Ongbongan says they handle all network functions internally and do not use cloud providers. "We have instrumentation around every transaction point on the website, from search pages to product detail pages to checkout," he says, "so we can look at each individually to see if there's any slowness or problems in any of those areas."

But no matter how prepared you are, problems can still occur, especially when you outsource to third-party vendors. "Nothing is fully bulletproof, so really what [online retailers] need to try and achieve is fault tolerance,'' says Mike Gualtieri, a principal at Forrester Research. He recalls a retailer he worked with that uses an external credit card service that went down one year on Cyber Monday, so the company's orders couldn't be processed.

"Their e-commerce system is in-house, so they had planned for volumes -- searching and shopping the site -- but they have a service level agreement with a credit card service processing service that said, 'We can handle that volume.' So they did all the right things for their own systems and planned for the [increased] volume on Cyber Monday, but were held hostage by this particular provider,'' Gualtieri says.

He says he recommended that the retailer re-architect its site so if the payment processor were to go down again the company could still collect the order and payment information and process payments at a later time. That's particularly useful for small retailers, he says, who may not be able to invest in technologies like an online shopping cart and have to rely on third parties for the functionality.

Regardless of their size, Gualtieri says, retailers need to examine every component of their systems and assign a confidence level between one and five. "Every online retailer should look at their entire ecommerce architecture and all the components they use: shopping cart, products search, account registration--whatever they have--and rate their confidence level.

"Don't assume that everything will go right,'' Gualtieri says. "Assign a confidence level and don't fret too much, but have a mitigation strategy and backup plan."
Optimize for traffic

Among the lessons Karmaloop learned during the 2010 holiday season were that its content delivery network configuration was not optimized for the traffic it was going to experience on Cyber Monday, says Joseph Finsterwald, CTO at the online retailer of alternative street fashion for men and women. "We worked with our CDN vendor Akamai to come up with a configuration that was a better fit for us,'' he says. The firm also discovered problems with parallel processes on the network and synchronization issues when servicing up Web pages, which was corrected by rewriting code.

Revenues are growing 50% to 70% year over year, Finsterwald says, so Karmaloop is using Keynote's LoadPro Web load-testing services to ensure its site is not strained. Because its CDN network was not optimized to handle this level of traffic in past years, the site experienced "frequent" network outrages, he said, although he declined to provide specifics.

"It gives you peace of mind that we can come up with a reasonable facsimile under peak load,'' Finsterwald says. "Load testing is an inelegant science; you're trying to simulate user traffic, but you're integrating a lot of third-party components." If a test is done on a quiet day, a third party may be able to scale to handle that, but all bets might be off when they're handling multiple clients.

This year, when conducting load testing, Karmaloop scaled its systems to a high enough load to trigger a problem for the vendors to address proactively. "We saw performance degradation with some of our vendors," says Finsterwald, "so we're following up with them to make sure they're doing what they need to do."

Keynote's Karow concurs. "Load testing done right has to be a very close representation of what real users are going to do, so it takes real thinking about what people do and the various systems involved and are you stressing those systems?"
Talk to your stakeholders

Also critical to the success of keeping systems up and highly available is making sure everyone is on the same page. "Everybody needs to be involved in the planning and predictive process,'' says Zappos' Ongbongan. At Zappos, that means everyone from brand marketing to financial planning to warehouse staff is involved in planning for peaks in site traffic.

One thing his group learned from talking with other departments was that their peak traffic typically occurs in mid-December, as opposed to right after Thanksgiving or right before Christmas.

Forrester's Gualtieri says it's a definitely a problem when a marketing group doesn't let IT know what it's doing that might cause site traffic to spike. He says he worked with a large Midwestern insurance company that spent a couple of million dollars on its first TV ad during a football game. When the ad aired, the company's site went down "almost instantly," because the company's marketing department didn't tell IT it was running the ad. "So IT had no idea they were going to expect 500 times the normal amount of traffic,'' he says, and they ended up wasting their money on the ad.

Despite all the proactive measures retailers may be taking, Gaultieri predicts there will still be "some high-profile outages" this holiday season. "One, two or several will happen. I also think a lot will happen that you'll never hear about ... I don't think this problem is going to go away."

Although companies are becoming savvier about bulletproofing their sites, crashes will inevitably occur due to continuous changes made to enhance the online shopping experience, he says. "You can't just put a site up and have it be static; there are lots of moving parts and it creates complexity, and there's fallout."

Microsoft: Switch to IE9, get free stuff

Tries to pump up new edition's numbers on Windows 7

Computerworld - Microsoft on Friday launched a promotion to convince more Windows 7 users to adopt Internet Explorer 9 (IE9).

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Windows 7 users who download Microsoft's newest browser, then "pin" any of seven different websites to their taskbars, receive offers that range from a free month of Hulu Plus to a $5-off Fandango movie ticket.

Some of the offers are available immediately, while others launch later this month and during December.

When people running alternate browsers such as Google's Chrome or Mozilla's Firefox on Windows 7 visit the promotional site, they see the message, "Where's the love? ... Upgrade to Internet Explorer to pin these sites and get the free stuff."
Browser wars

Microsoft: Switch to IE9, get free stuff
Microsoft's IE posts biggest share drop in three years
Google pays record $26K in Chrome bug bounties
Chrome bug no security threat, argues Google
Mozilla bashes Microsoft's browser security test
Microsoft pans Chrome, Firefox security
Mozilla relies on search deals for 98% of revenues
Update: Mozilla to prompt Firefox 3.6 users to ride rapid-release train
Mozilla aims to add silent updating to Firefox 10
Google updates Chrome to restore browser after Microsoft blunder

More: Browser Topic Center

Pinning, introduced in IE9, lets users add website shortcuts to the Windows 7 task bar for the same kind of easy access as locally-stored programs.

Users running Mac OS X who visit the free offers site see a different message: "Oh Nooooooo... You're using Mac OS which doesn't support Internet Explorer 9 and Site Pinning."

Windows XP users -- still the most widely-used version of Microsoft's operating system -- cannot upgrade to IE9. Microsoft has defended that ban even as IE's share has continued falling, calling the decade-old OS the "lowest common denominator" and not worthy of future browser development.

Microsoft has been aggressively pushing IE9 as the best browser for Windows 7, and has regularly touted that edition's gains in usage share even as other versions lose ground to Chrome and Apple's Safari.

According to Web metrics company Net Applications, IE9 accounted for 22.5% of the browsers running worldwide on Windows 7 during October, an increase of 1.4 percentage points from the month before. Only Microsoft's own IE8 sported a higher share.

Last month, IE overall lost the largest amount of usage share in three years, falling to 52.6%, putting Microsoft's browser in danger of slipping under the 50% mark as early as January 2012.

Facebook now lets you update Twitter

In addition to Facebook Pages being able to update a Twitter account, Facebook now lets individuals (that means you!) do the same as well.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Facebook now lets you send your status updates to Twitter. It’s all part of the company’s new Subscriptions feature: not only is the social networking giant letting you subscribe to Facebook users who you aren’t friends with, and not only is it letting you offer your own public updates to Facebook users who aren’t your friends, but it is also letting you send your public Facebook status updates to a linked Twitter account.

Palo Alto has offered this particular feature for Facebook Pages for quite some time now. It’s great for businesses, bands, public figures, and whoever else manages a Facebook Page and an accompanying Twitter account. It cuts down their workload significantly since they only have to publish updates on their Facebook Page, and the Twitter account automatically sends out the same messages.

Now, Facebook is doing the same thing for individual profiles. That means if you have a Twitter account, you can make it so that updating your Facebook status publicly will send out a tweet as well.

A few third-party apps have done this in the past, but Facebook has been meticulous at blocking them. The company has always wanted to keep content shared on Facebook strictly on the social network. Apparently, the Web giant is slowly changing its stance.

I’ve wanted to do this for a long time, although I was recently told that it’s frowned upon to issue the same updates on multiple social networks. Thankfully, my Facebook friends and Twitter followers are mutually exclusive.

Here’s what you need to get started (check out this quick guide with screenshots):

Go to facebook.com/twitter.
Click the green button titled “Link My Profile to Twitter.”
Click the blue button titled “Authorize app.”
Optional: choose which Facebook items you want to share.
Optional: click the blue button “Save Changes.”

Once you link your accounts, your Twitter account will be updated every time you post a public update to Facebook. Although the feature is enabled at step three, I recommend you go through steps four and five as well to make sure you’re only sharing what you want to share.

As you can see in the screenshot above, the company has offered this feature for Facebook Pages for quite some time now. It’s great for businesses, bands, public figures, and whoever else manages a Facebook Page and an accompanying Twitter account. It cuts down their workload significantly since they only have to publish updates on their Facebook Page, and the Twitter account automatically sends out the same messages.

Now, Facebook is apparently going to do the same thing for individual profiles. That means if you have a Twitter account, updating your Facebook status publicly will send out a tweet as well.

A few third-party apps have done this in the past, but Facebook has been meticulous at blocking them. The company has always wanted to keep content shared on Facebook strictly on the social network. Apparently, it is slowly changing its stance.

I’ve wanted to do this for a long time, although I was recently told that it’s frowned upon to issue the same updates on multiple social networks. Thankfully, my Facebook friends and Twitter followers are mutually exclusive.

CCNA SEC: Router Hardening

Hardening a router means that the router is secured against attacks as best as possible. This article discusses various means of making sure your routers are set up with maximum security, including manually hardening the router and router hardening with Cisco SDM.

Cisco CCNA Training, Cisco CCNA Certification 2000+ Exams at Examkingdom.com

We don’t tend to like people that are hardened. They can be cold and unsympathetic, and generally morose. We do, on the other hand, love it when our Cisco routers are hardened, especially when these routers live at the perimeter of our internal networks.

What exactly do we mean by router hardening? It means that the router is secured against attacks as best as possible. From secure, tough-to-crack passwords that are encrypted in the configurations, to the shutting down of unnecessary ports and services, the router has few vulnerabilities for would-be attackers to exploit.

For example, the router has built-in web server capabilities. That’s right. Your Cisco router can actually function as a web server on your network. Don’t plan on using the router as a web server? Be sure that this functionality is disabled.

In addition to web services, the Cisco router of today’s networks can provide many, many other potential services to the network. A key element to hardening the router is to find all of these services you are not using, and to disable them.
Manually Hardening the Router

Feel like going “old school” with your perimeter router security? Well, here is what you can do for configurations manually on the device in order to help secure (harden) it:

Disable unused router interfaces—that’s right, find ANY interface that is not in use and make sure you issue the shutdown command
Disable unused services—these typically include:
BOOTP
CDP
Configuration autoloading
FTP
TFTP
PAD
TCP and UDP minor services
DEC MOP
Disable management protocols that you are not using—these typically include:
SNMP
HTTP or HTTPS
DNS
Disable features that are techniques for re-directing your traffic:
ICMP Redirects
IP Source routing
Disable features that are techniques for probes and scans in reconnaissance attacks:
Finger
ICMP unreachables
ICMP mask reply
Ensure security of terminal connections:
IP identification service
TCP keepalives
Disable gratuitous ARP and proxy ARP
Disable IP-directed broadcasts

You also should inspect the network management protocols in use in your network infrastructure. Remember the following:

SNMP version 1 and 2c transfer passwords (called community strings) in clear text—if security is required—consider SNMP version 3.
HTTP authentication also sends clear text passwords—when needed, use HTTPS instead.
Attackers can respond to broadcast DNS lookups—disable DNS when not in use or configure securely.
Telnet is a clear text protocol—do not use it; instead, use SSH.

Router Hardening with the Cisco Router and Security and Device Manager (SDM)

Now one of the reasons that we love Cisco is that they are always trying to make it easy on us. We see this in the area of router hardening. In the Graphical User Interface for managing your perimeter routers, Cisco provides a Security Audit feature. This feature provides two “modes” of operation. The first is the Security Audit Wizard and the second is the One-step Lockdown mode.

The Security Audit Wizard examines your router and then lets you choose which potential security flaws you want to correct. The One-step Lockdown mode automatically makes the router hardening configurations that Cisco would recommend.

Here are the steps of the Security Audit Wizard:

Within the Cisco SDM, choose Configure then Security Audit.
Click the Perform Security Audit button.
Click Next and the Security Audit Interface Configuration page appears —here you are presented with your router interfaces. It is up to you to select which of the interfaces connect to your internal networks, and which of the interfaces connect to your external networks. After you select these options, choose Next.
The security audit now runs. When it is complete, the SDM presents you with a report of potential security vulnerabilities on your device. You can click Save Report in order to save it. If you select Close, the Security Audit Wizard continues to the next phase.
In the final phase of the Security Audit Wizard, you can check or uncheck the vulnerabilities that you want the wizard to automatically repair. Notice there is even an option for Fix All.

As you might guess, using the One-step Lockdown mode is even easier!

Within the Cisco SDM, choose Configure then Security Audit.
Click the One-step Lockdown button.
Click the Yes button that you want to continue and the SDM goes about its business of locking down the device for you.

What exactly does the One-step lockdown do on your device? Well, it is very busy indeed. Here is a list of the changes made by this GUI:

Disable Finger Service
Disable PAD Service
Disable TCP Small Servers Service
Disable UDP Small Servers Service
Disable IP BOOTP Server Service
Disable IP Identification Service
Disable CDP
Disable IP Source Route
Enable Password Encryption Service
Enable TCP Keepalives for Inbound Telnet Sessions
Enable TCP Keepalives for Outbound Telnet Sessions
Enable Sequence Numbers and Time Stamps on Debugs
Enable IP CEF
Disable IP Gratuitous ARPs
Set Minimum Password Length to Less Than 6 Characters
Set Authentication Failure Rate to Less Than 3 Retries
Set TCP Synwait Time
Set Banner
Enable Logging
Set Enable Secret Password
Disable SNMP
Set Scheduler Interval
Set Scheduler Allocate
Set Users
Enable Telnet Settings
Enable NetFlow Switching
Disable IP Redirects
Disable IP Proxy ARP
Disable IP Directed Broadcast
Disable MOP Service
Disable IP Unreachables
Disable IP Mask Reply
Disable IP Unreachables on NULL Interface
Enable Unicast RPF on Outside Interfaces
Enable Firewall on All of the Outside Interfaces
Set Access Class on HTTP Server Service
Set Access Class on VTY Lines
Enable SSH for Access to the Router

Router Hardening with the Cisco’s AutoSecure

Cisco also provides a One-step lockdown-like feature at the command line! This feature is called AutoSecure. It uses the command shown below:

auto secure [management | forwarding] [no-interact | full]
[ntp | login | ssh | firewall | tcp-intercept]

Notice that this command can run fully automated like the One-step Lockdown mode of the Security Audit feature in SDM. You would issue the command auto secure no-interact. You should notice also that you can run “subsets” of the command’s full capabilities. For example, you could run auto secure management in order to just harden the network management capabilities of the router.

You might not be surprised to learn that the Command Line AutoSecure feature is capable of doing a bit more than the graphical user interface counterpart. Specifically, Cisco SDM does not implement these Cisco AutoSecure features:

Disabling NTP
Configuring AAA
Setting SPD values
Enabling TCP intercepts
Configuring antispoofing ACLs on outside interfaces

The Cisco SDM also implements some of the Cisco AutoSecure features differently. For example:

The SDM disables SNMP but does not configure SNMPv3 (on some routers).
The SDM enables and configures SSH on crypto Cisco IOS images, but does not enable SCP or disable other access and file transfer services, such as FTP for example.

Conclusion

As we have seen, there is more than one option when it comes to ensuring that your Cisco router is well protected against security vulnerabilities. Essentially, two GUI options exist within the Cisco SDM, and a very powerful command line option exists. Of course, administrators can always walk through configuration manually. Whatever you choose, progress with a plan of carefully testing to ensure your router hardening configurations do not cause disruptions within your production network. It is wonderful to be secure, but you do not want this security at the risk of a lack of functionality. We love the help desk phones to remain quiet!

Microsoft 83-640 Exam

QUESTION 1
You work as the network administrator at CERTKINGDOM.com. The CERTKINGDOM.com network has a
domain named CERTKINGDOM.com. All servers on the CERTKINGDOM.com network run Windows Server
2008.
Only one Active-Directory integrated zone has been configured in the CERTKINGDOM.com domain.
CERTKINGDOM.com has requested that you configure DNS zone to automatically remove DNS records
that are outdated.
What action should you consider?

A. You should consider running the netsh /Reset DNS command from the Command prompt.
B. You should consider enabling Scavenging in the DNS zone properties page.
C. You should consider reducing the TTL of the SOA record in the DNS zone properties page.
D. You should consider disabling updates in the DNS zone properties page.

Answer: B

Explanation: In the scenario you should enable scavenging through the zone properties because
scavenging removes the outdated DNS records from the DNS zone automatically. You should
additionally note that patience would be required when enabling scavenging as there are some
safety valves built into scavenging which takes long to pop.
Reference: http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845-88d2-4091-8088-
a6bbce0a4304&ID=211

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

---

QUESTION 2
You work as the network administrator at CERTKINGDOM.com. The CERTKINGDOM.com network has a
domain named CERTKINGDOM.com. All servers on the CERTKINGDOM.com network run Windows Server
2008.
The CERTKINGDOM.com network has a server named CERTKINGDOM-SR15. You install the Active
Directory Lightweight Directory Services (AD LDS) on CERTKINGDOM-SR15.
Which of the following options can be used for the creation of new Organizational Units (OU’s) in
the application directory partition of the AD LDS?

A. You should run the net start command on CERTKINGDOM-SR15.
B. You should open the ADSI Edit Microsoft Management Console on CERTKINGDOM-SR15.
C. You should run the repadmin /dsaguid command on CERTKINGDOM-SR15.
D. You should open the Active Directory Users and Computers Console on CERTKINGDOM-SR15.

Answer: B

Explanation: You need to use the ADSI Edit snap-in to create new OUs in the AD LDS
application directory partition. You also need to add the snap-in in the Microsoft Management
Console (MMC).

---

QUESTION 3
You work as the network administrator at CERTKINGDOM.com. The CERTKINGDOM.com network has a
domain named CERTKINGDOM.com. All servers on the CERTKINGDOM.com network run Windows Server
2008.
The CERTKINGDOM.com network has two domain controllers CERTKINGDOM-DC01 and CERTKINGDOMDC02.
CERTKINGDOM-DC01 suffers a catastrophic failure but it is causing problems because it was
configured to have Schema Master Operations role. You log on to the CERTKINGDOM.com domain as
a domain administrator but your attempts to transfer the Schema Master Operations role to
CERTKINGDOM-DC02 are unsuccessful.
What action should you take to transfer the Schema Master Operations role to CERTKINGDOMDC02?

A. Your best option would be to have the dcpromo /adv command executed on CERTKINGDOMDC02.
B. Your best option would be to have the Schema Master role seized to CERTKINGDOM-DC02.
C. Your best option would be to have Schmmgmt.dll registered on CERTKINGDOM-DC02.
D. Your best option would be to add your user account to the Schema Administrators group.

Answer: B

Explanation: To ensure that CERTKINGDOM-DC02 holds the Schema Master role you need to seize
the Schema Master role on CERTKINGDOM-DC02. Seizing the schema master role is a drastic step
that should be considered only if the current operations master will never be available again. So to
transfer the schema master operations role, you have to seize it on CERTKINGDOM-DC02.
Reference: http://technet2.microsoft.com/windowsserver/en/library/d4301a14-dd18-4b3c-a3ccec9a773f7ffb1033.
mspx?mfr=true

---

QUESTION 4
You work as the network administrator at CERTKINGDOM.com. The CERTKINGDOM.com network has a
single forest. The forest functional level is set at Windows Server 2008.
The CERTKINGDOM.com network has a Microsoft SQL Server 2005 database server named
CERTKINGDOM-DB04 that hosts the Active Directory Rights Management Service (AD RMS).
You try to access the Active Directory Rights Management Services administration website but
received an error message stating:
“SQL Server does not exist or access is denied.”
How can you access the AD RMS administration website?

A. You need to restart the Internet Information Server (IIS) service and the MSSQLSVC service on
CERTKINGDOM-DB04.
B. You need to install the Active Directory Lightweight Directory Services (AD LDS) on
CERTKINGDOM-DB04.
C. You need to reinstall the AD RMS instance on CERTKINGDOM-DB04.
D. You need to reinstall the SQL Server 2005 instance on CERTKINGDOM-DB04.
E. You need to run the DCPRO command on CERTKINGDOM-SR04

Answer: A

Explanation: You need to restart the internet information server (IIS) to correct the problem. The
starting of the MSSQULSVC service will allow you to access the database from AD RMS
administration website.

---

QUESTION 5
You work as an enterprise administrator at CERTKINGDOM.com. The CERTKINGDOM.com network has a
domain named CERTKINGDOM.com. The CERTKINGDOM.com network has a Windows Server 2008
computer named CERTKINGDOM-SR03 that functions as an Enterprise Root certificate authority
(CA).
A new CERTKINGDOM.com security policy requires that revoked certificate information should be
available for examination at all times.
What action should you take adhere to the new policy?

A. This can be accomplished by having a list of trusted certificate authorities published to the
CERTKINGDOM.com domain.
B. This can be accomplished by having the Online Certificate Status Protocol (OCSP) responder
implemented.
C. This can be accomplished by having the OCSP Response Signing certificate imported.
D. This can be accomplished by having the Startup Type of the Certificate Propagation service set
to Automatic.
E. This can be accomplished by having the computer account of CERTKINGDOM-SR03 added to the
PGCertificates group.

Answer: B

Explanation: You should use the network load balancing and publish an OCSP responder. This
will ensure that the revoked certificate information will be available at all times. You do not need to
download the entire CRL to check for revocation of a certificate; the OCSP is an online responder
that can receive a request to check for revocation of a certificate. This will also speed up certificate
revocation checking as well as reducing network bandwidth tremendously.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

HTC reports record numbers, sells more smartphones than RIM

After reporting sales of 13.2 million smartphones during the third quarter, HTC is now the fourth largest smartphone vendor after having outpaced Research In Motion, according to market research company Canalys.

Microsoft MCTS Certification, MCITP Certification and over 2000+
Exams with Life Time Access Membership at http://www.actualkey.com

A diverse product offering, expanded distribution network and growing global brand recognition resulted in HTC's highest-ever quarterly revenue at $4.5 billion for the period ending Sept. 30. That is a 79 percent improvement year-on-year, the company said in a statement on Monday.


At 13.2 million smartphones, shipments increased by 93 percent year-on-year. For example, in China HTC sold nine times as many phones during the third quarter this year compared to the same period last year. That has helped turn HTC into the fourth largest smartphone vendor, passing RIM by a margin of 1.4 million units in the process, according to Canalys. "It has seen a lot of success in the Asia-Pacific region, and it is doing very, very well in the U.S. market," said Pete Cunningham, analyst at Canalys.

The company is also closer than ever to Apple and Nokia, which sold 17.07 million and 16.8 million smartphones, respectively. "It is going to be very competitive. Nokia is probably the vendor that is the most vulnerable from HTC in the short term. Nokia's Symbian volumes will tail off, and its success depends on how fast it can ramp up Windows Phone sales," said Cunningham.

Good products combined with a lot of support from operators have helped HTC increase its shipments volume, according to Cunningham. When an operator wants an Android-based phone, HTC and Samsung, which is the biggest smartphone vendor, are the first port of calls, he said.

To further expand volume, HTC is opening a factory in the beginning of next year, which will help increase the company's total manufacturing capacity to about 40 million phones per year.

Two areas in which the company is currently investing are LTE (Long Term Evolution) technology and entry-level smartphones. An LTE device upgrade cycle will come in 2012 in the U.S. and some advanced markets in Asia, and HTC hopes to take advantage of that. At the same time, it aims to continue to attract first-time smartphone buyers, it said.

"In the long term, we will have a very healthy market in terms of competition and that drives innovation, which is great for end users," said Cunningham.

Microsoft quarter shows continued growth

Microsoft kicked off its first quarter of fiscal 2012 with solid growth, reporting a 7 percent increase in revenue compared to a year ago, and a 6 percent increase in net income.

Overall, Microsoft reported first-quarter revenue of US$17.37 billion, beating the consensus estimate from financial analysts of $17.24 billion, according to Thomson Reuters. Net income for the quarter ending Sept. 30 was $5.74 billion, or $0.68 per share, in line with analysts' consensus estimate.

As in quarters past, business sales dominated the growth for the company.

The Microsoft Business Division, which oversees Microsoft Office, reported $5.62 billion in revenue, an 8 percent increase from the prior year's first quarter, which itself benefitted from the release of Office 2010.

"We had another strong quarter for Office, SharePoint, Exchange, and Lync, and saw growing demand for our public and private cloud services including Office 365, Dynamics CRM Online, and Windows Azure," said Kevin Turner, chief operating officer at Microsoft, in a statement.

Sales of Microsoft's enterprise support server software -- including Lync, SharePoint, and Exchange -- enjoyed double-digit growth, according to the company. Revenue from the company's Dynamics business grew 17 percent. For the back office, the Server and Tools Division generated $4.25 billion in revenue during the quarter, a 10 percent increase year on year.

Sales of Microsoft's flagship product, Windows, grew as well, although less spectacularly. The Windows and Windows Live Division revenue was $4.87 billion for the period, a 2 percent increase.

Starting next quarter, Microsoft will include financial results of Skype, whose acquisition it completed earlier this month. Because of the successful quarter and the Skype acquisition, Microsoft increased its revenue forecast for its full 2012 fiscal year, from $28.6 billion to $29.2 billion.

During a conference call after the results came out, Bill Koefoed, Microsoft general manager for investor relations, noted that consumer purchases of PCs and netbooks were flat, resulting in the sluggish Windows sales. Overall, business sales of PCs outpaced consumer sales, and sales in emerging markets outpaced those in mature markets.

Microsoft expects to see a rebound in growth with the arrival of the first generation of Intel-based ultraportable laptops, or ultrabooks, which have just started to ship. Thus far, more than 450 million copies of Windows 7 have been sold since its launch.

Best CCIE Training and CCIE Exams and more Cisco exams log in to Certkingdom.com

Another area of concern for the company is its 10-year search and advertising partnership with Yahoo, signed in 2009. The teaming has not produced the expected income for Microsoft or Yahoo, which reported its own financial results Tuesday.

"The number-one priority is to resolve the monetization challenges of the combined ad platform," said Peter Klein, Microsoft chief financial officer, adding that the company is working "very closely" with Yahoo to improve the results. Microsoft's Online Services Division generated $625 million in revenue for the quarter, up from $527 million a year ago.

Gmail native app reportedly coming to the iPhone. Can Apple and Google play nice?

While iPhone owners have long enjoyed (or become frustrated with) a slew of Google developed applications including Search, Earth and Voice to name a few, there is curiously no native app for Gmail.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

It looks like that is about to change!

TechCrunch columnist and newbie venture capitalistMG Siegler is reporting that a Gmail iPhone app is on its way. To date, Gmail owners have lived with accessing email through the iPhone’s native Mail app or other workarounds.

“Perhaps the biggest issue with using Gmail through the iPhone’s native mail client is that Gmail is not Push-enabled,” Siegler aruged in his parislemon blog “Yes, you can hack it to work through Exchange, but then you lose other functionality, such as the ability to star messages via flags.... Well the real big deal is Push Notifications. Finally.”

In addition to Push Notifications, other features of the official Gmail iPhone app—which may have already been submitted to Apple—potentially include:

Priority inbox
The ability to star messages with only one click
Improved email search
Better threading
Contact icons
Integration of Google+ features

But will Gmail ultimately be in the hands of iPhone users?

Assuming Siegler’s reporting is accurate and Google has indeed submitted a Gmail app for approval, the big wildcard question is whether or not Apple will ultimately release and promote it in the App Store.

The increasingly hot war between Apple and Google was further flamed last month when it was revealed in the “Steve Jobs” biography that Apple’s recently fallen founder was willing to “Go Thermonuclear War” on Google for what he deemed to be the “Grand Theft” of taking intellectual property from his company and applying it to its own devices and services.

Whether an approval of the official Gmail app is a sign of thawing between the two companies or just a pragmatic realization that in many ways Apple and Google need to co-exist, we don’t just know.

For starters, let’s see the app in action. Once released, consumers—particularly those who are addicted to both their iPhones and the power of Gmail—ultimately win.

Update: Duqu exploits zero-day flaw in Windows kernel

The Duqu trojan infects systems by exploiting a previously unknown Windows kernel vulnerability that is remotely executable, security vendor Symantec said today.

Best Comptia A+ Training | Comptia A+ Certification 2000+ Exams at Examkingdom.com

Symantec said in a blog post that CrySys, the Hungarian research firm that discovered the Duqu Trojan earlier this month, has identified a dropper file that was used to infect systems with the malware.

The installer file is a malicious Microsoft Word document designed to exploit a zero-day code execution vulnerability in the Windows kernel.

"When the file is opened, malicious code executes and installs the main Duqu binaries" on the compromised system, Symantec said.

According to Symantec, the malicious Word document in the recovered installer appears to have been specifically crafted for the targeted organization. The file was designed to ensure that Duqu would only be installed during a specific eight-day window in August, Symantec noted.

No known workarounds exist for the zero-day vulnerability that Duqu exploits. The installer that was recovered is one of several that may have been used to spread the Trojan.

It is possible that other methods of infection are also being used to spread Duqu, Symantec noted.

Jerry Bryant, Microsoft's Trustworthy Computing group manager, said that the company is working "diligently" to address the issue.

"Microsoft is collaborating with our partners to provide protections for a vulnerability used in targeted attempts to infect computers with the Duqu malware," Bryant said in an email.

The company will issue a security update to address the vulnerability "through our security bulletin process," Bryant said.

The Duqu trojan was discovered earlier this month by CrySys and has garnered considerable attention because of its supposed link to last year's Stuxnet worm that was used to disrupt industrial control equipment at Iran's Natanz nuclear facility.

Symantec, one of the first researchers to release a detailed analysis of the Duqu malware, has labeled it a precursor to the next Stuxnet because of what it said are similarities in code and function.

Symantec said that its researchers determined that Duqu was likely created by Stuxnet's authors, and was designed specifically to steal information from vendors of industrial control systems.

The company said it believes the information gathered from the systems will be used to craft another Stuxnet-like worm.

In today's update, Symantec noted that once Duqu gains a foothold in an organization, it can be remotely commanded to infect other systems.

In one of the six organizations that are confirmed to have been infected by the malware, attackers remotely ordered Duqu to spread by using the Server Message Block protocol used for file and printer sharing functions, Symantec said.

In some cases, computers infected with Duqu did not have the ability to communicate with a central command and control server, so the malware was configured to use a file-sharing protocol to communicate with another compromised computer on the same network that could to connect to a server.

"Consequently, Duqu creates a bridge between the network's internal servers and the C&C (control and command) server. This allowed the attackers to access Duqu infections in secure zones with the help of computers outside the secure zone being used as proxies," Symantec said.

Syamantec said it confirmed that systems in six organizations in eight countries -- France, India, Iran, Netherlands, Switzerland, Sudan, Ukraine and Vietnam -- have been infected with Duqu. Unconfirmed infections have also been reported in Hungary, Indonesia and the United Kingdom, Symantec said.

Meanwhile, researchers discovered two command and control servers used to communicate with computers infected with Duqu.

The first one was found in India and taken down last week, while the second one, located in Belgium, was also shut down.

Don Jackson, a security researcher at Dell SecureWorks, said today that it'ss not clear from Symantec's description whether the zero-day flaw exists in the Windows kernel, in Word, or in both.

Finding and exploiting a Windows kernel level zero-day vulnerability suggests that those behind Duqu likely has "pretty high level of technical capability" and/or is very well funded, Jackson said.

Zero-day flaws in the Windows kernel can easily cost upwards of $10,000 in the underground market, Jackson noted.