• Topics that don't fit in to the other categories
    1145 Topics
    4118 Posts

    i kind of always asked these same quests to have a tasks list as the practice for the course and a sandbox lab (which they now have) more practical and you learn a lot since it is less hand hold you through it. and have an answer video if you completely get lost that will guide you through the steps

  • A+, Network+, IT Fundamentals, Security+, Server+

    731 Topics
    2444 Posts

    I work as a process control specialist in mining, part of what I do is OT or operational technology, and I am taking the A+ certification because there is a concept of IT/OT convergence. One thing I will say, for anyone looking to support industrial systems, is that some of them can be quite antiquated. For example, some industrial systems still operate on DOS or Windows XP, and some programs still use VB6. This isn't generally considered an issue as the old philosophy was complete segregation of networks, so these networks will never see the internet and there is no possibility of someone coming in remotely. The reason these industries don't upgrade is because it is very expensive. Why? well if you have an industry that makes $1m a day and you want to upgrade the control network and components you may be down for a week. Then everything has to be tested and essentially recommissioned. The process could take a very long time. Companies won't see the value in that if the system they have, which is old, still works. Upgrades rarely go off flawlessly, and a lot of thought has to go into it on a live process system.

    However, modern day systems operate on current OS and there is a great deal to consider when creating paths between a plant LAN and business LAN. One of the main points of IT is security, and the loss of availability of a system can be tolerated in order to keep it secure. On the other hand, in OT the most important point is availability, yes security is a top priority, but imagine if you have a massive industrial boiler and you lock the operator out from it because of a security concern and they lose the ability to shut it down safely or monitor it. Security protocols implemented on the OT system must not interfere with the essential and emergency controls of an industrial automation control system (IACS). So, a lot of care has to be taken when approaching any connection between the two networks.

    Another consideration that has to be made is that windows updates on the IACS servers cannot be implemented whenever. The vendors of the control systems thoroughly test the windows patches and create modified version compatible with their control system. These updates must be done in a very planned and deliberate manner. Consider if you did an update and it went south causing the database for the control system to corrupt, and I've seen it happen, then what was supposed to be a short update turns into a week long scramble to get the system back to working condition. seven days at 1 million a day is a lot for a company to swallow.

    Anyone going into IT for an industry where control systems are present, and where they will be assisting the control network team, should read more about IT/OT convergence. Understanding that the thought process of an IT specialist and an OT specialist are different will help you in communicating and supporting the OT team. In my case I am on my own in my department and rely heavily on IT for support. In other cases, IT has nothing to do with the OT system. Generally speaking, best practices is that the two are separate, but with modern technology and IT/OT convergence, this may no longer be the case and we must rely on each other and work together for the common goal.

  • CCT, CCENT, CCNA, CCNP ENCOR, ENARSI, CCNP SCOR

    558 Topics
    2265 Posts

    Hello Junaid!

    Since Cisco ISE integrates with so many different technologies - you will discover it comes up a lot in our courses. For example, I just searched our video catalog for Cisco ISE and got a full page of courses.

    But it sounds like you are looking for the full documentation and perhaps even a practice lab environment.

    The complete configuration guides for Cisco ISE are available here:

    https://www.cisco.com/c/en/us/support/security/identity-services-engine/products-installation-and-configuration-guides-list.html

    Should you want to get hands-on practice with the device - you can do that here:

    https://developer.cisco.com/docs/sandbox/#!security/overview

    Thanks so much for choosing ACI Learning and we are always standing by to help.

  • MTA, MCSA Windows 10, MCSE Windows Server 2019

    1008 Topics
    3888 Posts

    heard MD102 is getting completly changed now even as of last week :P

  • Security+, CASP, CEH, CISM, SSCP and CISSP

    399 Topics
    1438 Posts

    Hello,

    I came cross this question on CISSP practice exam and think that the answer is wrong. Any comments?

    Which statements do NOT define the requirements of a security kernel?
    a. The reference monitor should be verified as correct.
    b. The reference monitor should provide process isolation.
    c. The security kernel should be verified in a comprehensive manner.
    d. A method to circumvent the security should be implemented by the reference monitor.

    CyberVista says correct answer is "b and d". But should't it be "d" only? The reference monitor should provide process isolation, isn't it?

    Here is what google's ai think about the subject:
    Both reference monitor and base and limit registers provide process isolation.
    • Reference monitor is a security mechanism that mediates all accesses to objects by subjects. It is a central part of a computer system's security architecture and is responsible for enforcing the system's security policy. Process isolation is one of the security features that the reference monitor provides.
    • Base and limit registers are hardware registers that are used to implement memory protection. They are used to define the boundaries of a process's address space. This prevents processes from accessing each other's memory.
    Both reference monitor and base and limit registers provide process isolation, but they do so in different ways. The reference monitor is a software mechanism that is responsible for enforcing the system's security policy. The base and limit registers are hardware registers that are used to define the boundaries of a process's address space.
    In modern operating systems, both reference monitor and base and limit registers are used to provide process isolation. The reference monitor provides a high-level security policy, while the base and limit registers provide a low-level mechanism for enforcing that policy.
    Here are some of the advantages of using both reference monitor and base and limit registers to provide process isolation:
    • Increased security: Process isolation is a critical security feature that can help to protect computer systems from malicious attacks. By using both reference monitor and base and limit registers, systems can achieve a high level of process isolation.
    • Reduced complexity: Using both reference monitor and base and limit registers can help to reduce the complexity of security mechanisms. This is because the reference monitor can focus on enforcing the system's security policy, while the base and limit registers can focus on providing a low-level mechanism for enforcing that policy.
    • Improved performance: Using both reference monitor and base and limit registers can help to improve the performance of security mechanisms. This is because the reference monitor can be implemented in software, while the base and limit registers can be implemented in hardware.
    Here are some of the disadvantages of using both reference monitor and base and limit registers to provide process isolation:
    • Increased cost: Using both reference monitor and base and limit registers can increase the cost of computer systems. This is because both mechanisms require additional hardware and software.
    • Increased complexity: Using both reference monitor and base and limit registers can increase the complexity of computer systems. This is because both mechanisms add additional complexity to the system's architecture.
    • Reduced flexibility: Using both reference monitor and base and limit registers can reduce the flexibility of computer systems. This is because both mechanisms can limit the types of applications that can be run on the system.
    Overall, using both reference monitor and base and limit registers to provide process isolation can help to improve the security of computer systems. However, it is important to weigh the costs and benefits of using both mechanisms before making a decision.

  • ACA, ACSP and ACTC
    80 Topics
    271 Posts

    @Wayne-Ho,

    I could be wrong but I believe this is setup for those that would have to run bootcamp with a WindowsOS. I'm not sure if this is still true.

    I believe you could disable SIP in recovery mode, then run sudo gpt --vv -r show /dev/disk0 to see it...but I've only got my laptop running Ventura and cannot tell you if things are different now.

  • IT Service Managment

    91 Topics
    313 Posts

    Thanks @Myriam-Vézina

    We will look into that.

  • AWS, Amazon Web Services, Cloud Services

    55 Topics
    167 Posts

    @Daniel-Jones,

    As of right now, we do are not planning for it this year. You though can make a course request via the chat bubble on our site. This will ensure that your request is logged officially and forwarded to our content development team for consideration. The more requests there are for this, the more likely it is to be considered for future development.

    Thanks for being a member!

  • Topics related to Microsoft Azure

    79 Topics
    261 Posts

    @Ronnie-Wong

    Thank you for this.

    I've been in IT since 2001, but no formal certifications, only an applied science degree (AAS). In January of 2020 I get help in overcoming the performance anxiety of test taking and go after these formal certifications. With IT Pro TV's help I earned ITF+, A+, Network+ Server+, Project+ and most recently Security+. Feel free to use this as a testimonial.

    I'm still hungry for more but I need to balance that hunger against return on investment and am always looking for guidance on what to learn and what certifications to work towards to make me a competitive candidate.

  • Topics surrounding to VMware vSphere and related products

    29 Topics
    90 Posts

    @Jeff-Gortney,

    Sounds like a great idea. You have to make decisions for dividing up your LUN across your SAN. Do you need larger and fewer LUNs or smaller and more LUNs.

    Take a look at VMWare's documentation on this decision and some good considersations: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.storage.doc/GUID-2C8FAE1F-98F7-4E0B-AEA0-83A4FF16A252.html

    I've been a long time ESXi user, which is fine but with a SAN, to fully take advantage of the SAN you may also want to consider vSphere to manage ESXi to the fullest capabilities.

  • GNU/Linux, Ubuntu, Red Hat and others

    133 Topics
    393 Posts

    When I navigate to /usr/local/bin...
    Screenshot 2023-05-11 at 07.02.07.png

  • PMP, Prince2, SCRUM, and Agile

    20 Topics
    59 Posts

    @Carol-Williams

    For some reason the pdf files from PMI have been changed and the ECO is also referenced as the CAPM Exam Reference Guide. I'll dig back through my older files. Just understand that the reference guide will be slightly off as it refers to the Pilot exam and not the final. The overall content will be still be accurate, just understand it might have some extra references that are unnecessary.

    Thanks!