Review

Rita’s book is boon to men and women preparing to take PMI’s certification examination. –J. Davidson Frame, Ph.D., PMP and Past PMI Director of Certification

Can you imagine valuing a book so much that you send the author a Thank You letter? Hundreds of thousands of project managers understand why PMP Exam Prep by Rita Mulcahy, PMP, is a worldwide best-seller. Is it Rita’s years of PMP exam preparation experience? The endless hours of ongoing res (more…)

-    Brings together a set of tools and techniques – performed by people – to describe, organize and monitor the work of project activities
-    According to PMBOK Guide: involves applying knowledge skills, tools and techniques during the course of the project to accomplish the project’s objective; it is the responsibility of the project manager to ensure that project management techniques are applied and followed

-    Exam Spotlight: Per the PMBOK Guide, the definition of project management is applying tools, techniques, skills and knowledge to project activities to bring about successful results and meet the project requirements
-    A process that includes initiating a new project, planning, putting the project plan into action, and measuring progress and performance
-    Involves identifying the project requirements, establishing project objectives, balancing constraints and taking the needs and expectations of key stakeholders into consideration
-    Planning – one of the most important functions you’ll perform during the course of a project

Project Managers – The people responsible for managing the project processes and applying the tools and techniques to carry out the project activities

Reference: PMP Project Management Professional Exam Study Guide, Includes Audio CD

TCP – Transmission Control Protocol

• Connection oriented
• Sequenced packets
• Acknowledgement is sent back for received packets
• If no acknowledgement then packet is resent
• Packets are re-sequenced
• Manageable data flow is maintained

Note: TCP and UDP use dynamic port numbers greater than 1023

UDP

• Best effort
• Doesn’t care about sequence order
• Connectionless
• Less overhead and faster than TCP

Planning to take the CISSP Exam? Get a copy of my personal notes (300plus pages worth) that I used to pass the exam for only $25.00. Click the Add To Cart Button to Purchase Plus you will also get copies of notes from other CISSPs. Learn more about this package by visiting this blog entry: CISSP REVIEW NOTES I USED TO PASS THE EXAM. CLICK BELOW TO MAKE YOUR PURCHASE NOW. All Purchases are securely processed through Paypal. Once you click the button please check your shopping cart at the upper right hand side of the page to complete your order. IMPORTANT NOTICE: I MANUALLY REVIEW ALL ORDERS. SO ONCE YOU PURCHASE THE PRODUCT, THERE WILL BE SOME DELAY ON YOU RECEIVING AN E-MAIL FROM ME WITH THE LINK TO THE DOWNLOAD AREA OF THE PRODUCT. YOU WILL GET A RESPONSE FROM ME WITHIN 24-48 HOURS.

Internet Layer Protocols

IP – Internet Protocol

• All hosts on a network have an IP address
• Each data packet is assigned the IP address of the sender and the receiver
• It provides an “unreliable datagram” services
• Provides:
  • No guarantees that the packet will be delivered
  • No guarantee that the packet will be delivered only once
  • No guarantee that it will be delivered in the order in which it was sent

ARP – Address Resolution Protocol

• Use the IP Address to get the MAC address
• MAC Address is 48 bit
• IP address is 32 bit
• Only broadcast to network first time, otherwise stores IP and MAC info in table

RARP – Reverse Address Resolution Protocol

• Use the MAC address to get the IP address
• RARP Server tells diskless machines’ IP address

ICMP – Internet Control Message Protocol

• Management Protocol and messaging service provider for IP
• Sends messages between network devices regarding the health of the network
• Ping is ICMP packet
• Ping checks if a host is up and operational

Note: TCP/IP does not define physical standards it uses existing ones

Other TCP/IP Protocols

Telnet

• Terminal Emulation
• No File Transfer

FTP

• File Transfer Protocol
• Can not execute files

TFTP

• Trivial FTP
• No directory browsing capabilities, no authentication
• Can only send and receive files
• UDP-base file transfer program that provides no security

NFS – Network File Sharing

SMTP – Delivers e-mails

X-Windows – For writing graphical interface applications

SNMP

• Simple Network Management Protocol
• Provides for the collection of network information by polling the devices on the network from a management station
• Sends SNMP traps (notification) to  MIBS – Management Information Bases

Bootstrap Protocol (BootP)

• Diskless bootup
• BootP server hears the request and looks up the client’s MAC address in its BootP file
• Internet Layer Protocol

Projects

-          Temporary in nature

-          Have definite start dates and definite end dates

-          Completed when goals and objectives are accomplished to the satisfaction of the stakeholders

-          Exist to bring about a product, service, or result that didn’t exist before

-          Unique

Progressive Elaboration

-          Improves the project team’s ability to manage greater levels of detail that allows for the inevitable change that occurs throughout the project lifecycle

-          Goes along with the temporary and unique aspects of a project because when you first start the project you don’t know all the minute details of the end product

-          Product characteristics typically start our broad-based at the beginning of the project and are progressively elaborated inot more and more detail over time until they are complete and finalized

-          Exam Spotlight – Most often used when creating the project or product scope, developing requirements, determining human resources, scheduling and defining risks and their mitigation plans

Operations

-          Ongoing and repetitive

-          Involve work that is continuous without and ending date

-          Often processes are repeated and produce the same results

-          Purpose is to keep the organization functioning, compare to projects which has the purpose of meeting goals and concluding

Stakeholders

-          Individuals or organizations with a vested interest in project

-          Includes people who are actively involved in the work of the project or have something to either gain or lose from the result of the project

Project Sponsor

-          Generally an executive in the organization with the authority to assign and enforce decisions regarding the project

-          A stakeholder

-          Generally serves as a tie-breaker decision maker and is one of the people in the PM’s escalation path

Project Characteristics

-          Unique

-          Temporary in nature and have a definite beginning and ending date

-          Completed when the project goals are achieved or it’s determined the project is no longer viable

-          Considered successful when it meets or exceeds the expectations of stakeholders

Reference: PMP Project Management Professional Exam Study Guide, Includes Audio CD

• The process in which information from one packet is wrapped around or attached to the data of another packet
• In the OSI model each layer encapsulates the layer immediately above it

OSI Layers

• Process down the stack and up the stack
• Each layer communicates with corresponding layer through the stack

Planning to take the CISSP Exam? Get a copy of my personal notes (300plus pages worth) that I used to pass the exam for only $25.00. Click the Add To Cart Button to Purchase Plus you will also get copies of notes from other CISSPs. Learn more about this package by visiting this blog entry: CISSP REVIEW NOTES I USED TO PASS THE EXAM. CLICK BELOW TO MAKE YOUR PURCHASE NOW. All Purchases are securely processed through Paypal. Once you click the button please check your shopping cart at the upper right hand side of the page to complete your order. IMPORTANT NOTICE: I MANUALLY REVIEW ALL ORDERS. SO ONCE YOU PURCHASE THE PRODUCT, THERE WILL BE SOME DELAY ON YOU RECEIVING AN E-MAIL FROM ME WITH THE LINK TO THE DOWNLOAD AREA OF THE PRODUCT. YOU WILL GET A RESPONSE FROM ME WITHIN 24-48 HOURS.

6 OSI Security Services

• A security service is a collection of security mechanisms, files and procedures that help protect the network
  • Authentication
  • Access Control
  • Data Confidentiality
  • Data Integrity
  • Non-repudiation
  • Logging & monitoring

8 OSI Security Mechanisms

• A security mechanism is a control that is implemented in order to provide the 6 basic security services
  • Encipherment
  • Digital Signature
  • Access Control
  • Data Integrity
  • Authentication
  • Traffic Padding
  • Routing Control
  • Notarization

TCP/IP Suite of Protocols

During that absence one of my projects was finally launched (after much heartache and banging-head-on-table moments). Check-out yPoodle.com, an online debt management platform that allows consumers to directly negotiate and settle their delinquent unsecured debt (i.e. credit card) with their debt collectors. Debt collectors can be the original creditor, collection agencies/lawyers or debt buyers. This has been the biggest project that I have had the opportunity to develop and design the system architecture and also be its project manager. There are plenty more enhancements that will be introduced in the coming weeks and months and will definitely eat up most of my time until this bad boy is able to fully walk on its own.

I’ve also decided that I will focus on pursuing the Project Management Professional (PMP) certification. As I have always done with my pervious certifications, I did not want to pay them expensive “must-go-to-pass” schools and decided to study on my own. This means that I end up not having a life . This is my little self-study process:

1. First I fast-read the main study material from cover to cover and highlight (I essentially used up over 6 highlighters by the time I’m done) all the key items that I believe is important. This process took me a little bit over two weeks. (My fast-reading is not fast enough –> it was a damn thick book and despite all the indications to contrary, I DO have a life). Not too concerned about understanding or fully digesting the material at this point. The key is to simply identify the overall concept of each topic and find the important elements to be highlighted.
2. The next phase (the phase I am in at the moment as of this writing) is to start taking down notes from the items that I highlighted. I’m a little behind schedule on this one. But the process essentially entails that I type this items. Typing (sometimes writing – I abandoned this process a long time ago since it is quite tiring –> hands hurt after a few pages) the words allow me to now slowly digest the material. It builds up my memrory and therefore I am able to remember what I was reading. I am hoping to finish the note taking within the next two weeks. I am in the early part of chapter 3 of a 12 chapter book.
3. Third phase is typically the quickest, since I have already condensed the material into my notes. For example, I am on page 103 of the book while I have only used up 23 pages worth of notes. I will then reread the notes, try to understand what I’ve written and also do some additional research and enter in more notes if there are items that I feel seems unclear. I project this to take about a week.
4. The fourth phase of the process is digging into the practice exams. Understanding why I answered a question wrong is key. I try to go through as many practice exams I can get my hands on until the day of the real exam.
5. Finally, I did this when I was working on my CISSP certification, but did not do it for the CISM and I have no plans on doing it for this one. I bought audio CDs of the study material and practice exams. Ripped the CDs and loaded the audio into my iPod. For about a month that iPod was connected to my ear whenever possible (even in my sleep! Osmosis, baby, osmosis). I had a shorter study window for the CISM exam and also for this one. The materials are also a little bit smaller than the CISSP, so I think I can manage without this step.

Yep, it is a very long and strenuous process. But this is what works for me. I have not tried any of the schools out there, but I have talked to a whole bunch of folks who fessed up $2500 or more for these schools. I’ve talked to folks who took the school who failed and also to those who said that they would have never passed the exam if they have not went to the school. Not a scientific measurement by any means, but I feel it was a 50-50 chance where the school will not help you pass the exam at all. So I’d rather not spend that mondo-bucks and simply try to digest the material my way. It has worked well for me so far.

I’m scheduled to take the exam in about 7 weeks, April 24. So I will be pretty much deep in the studying trenches during that time period.

All that said, going back to the beginning of this post. I do feel a little guilty not being able to post anything new in this blog. I’m not even sure if people actually go here and read my rants, but I started it so I’d like to maintain it (this time …). The key purpose of this blog is provide another resource for folks who actually have the same interest as I do in technology, security and business, so I figured I will for now and until further notice, I will bypass the other segments that I try to introduce in this blog and focus simply on providing some resource info. This means I will continue to post the CISSP review notes and also the notes that I am taking right now for the PMP exam. Every now and then, if there is a really cool topic that pops into my head, I will post it, too. But I’m pretty sure you all can continue on with your lives without it …

You can send a $10 Donation by Texting ‘Haiti’ to 90999 or You can make a donation by calling 1-800-REDCROSS or 1-800-257-7575 (Spanish) or visit the Redcross site and click on the Donate Now button.

If $10.00 is a little bit more than you can afford right now, musician Wyclef Jean’s organization Yele Haiti also receives donations via text for $5.00. Yele Haiti’s website is http://www.yele.org/. You can text “YELE” to 501501 to give $5 to help with earthquake relief efforts.

In Canada, people can donate $5 to the Salvation Army by texting “Haiti” to 45678 through a system set up by the Mobile Giving Foundation.

Unless you have personally researched any other organization and know that they are trustworthy, be careful. YOU DON’T WANT YOUR WELL-INTENTIONED DOLLARS TO FALL INTO THE WRONG HANDS.

Not all “text to donate” services are created equal. Unfortunately, however appalling it may be, opportunistic scammers typically come out of the woodwork in the wake of catastrophes, hoping to strike it rich through fraudulent schemes.

Layered architecture

• Shows how communication should take place
• Clarify the general functions of a communication process
• To break down complex networking processes into more manageable sub-layers
• Using industry standard interfaces enables interoperability
• To change the features of one layer without changing the code in every layer
• Easier troubleshooting

Planning to take the CISSP Exam? Get a copy of my personal notes (300plus pages worth) that I used to pass the exam for only $25.00. Click the Add To Cart Button to Purchase Plus you will also get copies of notes from other CISSPs. Learn more about this package by visiting this blog entry: CISSP REVIEW NOTES I USED TO PASS THE EXAM. CLICK BELOW TO MAKE YOUR PURCHASE NOW. All Purchases are securely processed through Paypal. Once you click the button please check your shopping cart at the upper right hand side of the page to complete your order. IMPORTANT NOTICE: I MANUALLY REVIEW ALL ORDERS. SO ONCE YOU PURCHASE THE PRODUCT, THERE WILL BE SOME DELAY ON YOU RECEIVING AN E-MAIL FROM ME WITH THE LINK TO THE DOWNLOAD AREA OF THE PRODUCT. YOU WILL GET A RESPONSE FROM ME WITHIN 24-48 HOURS.

Open Systems Interconnect (OSI) Model

Layer 7 – Application

• Responsible for all application-to-application communications
• User information maintained at this layer is user data
• Security: Confidentiality, Authentication, Data Integrity, Non-repudiation
• Technology: Gateways
• Protocols: FTP, SMB, Telnet, TFTP, SMTP, HTTP, NNTP, CDP, GOPHER, SNMP, NDS, AFP, SAP, NCP, SET

Layer 6 – Presentation

• Responsible for the formatting of the data so that it is suitable for presentation
• Responsible for character conversion (ASCII/EBCDIC)
• Encryption/Decryption, Compressions and Virtual Terminal Emulation
• User information maintained at this layer is called messages
• Security: Confidentiality, Authentication, Encryption
• Technology: Gateway
• Protocols: ASCII, EBCDIC, Postscript, JPEG, MPEG, GIF

Layer 5 – Session

• Responsible for the setup of the links, maintaining of the link and the link tear-down between applications
• Security: None
• Technology: Gateway
• Protocols: Remote Procedure Calls (RPC), SQL, RADIUS, DNS, ASP

Layer 4 – Transport

• Responsible for the guaranteed delivery of user information
• Also responsible for error detection, correction and flow control
• User information at this layer is called datagram
• Security: Confidentiality, Authentication, Integrity
• Technology: Gateway
• Protocols: TCP, UDP, SSL, SSH-2, SPX, NetBIOS, ATP

Layer 3 – Network

• Responsible for the routing of user data from one node to another through the network including the path selection
• Logical addresses are used at this layer
• User information maintained at this layer is called packets
• Security: Confidentiality, Authentication, Data Integrity
• Technology: Virtual Circuits (ATM), routers
• Protocols: IP, IPX, ICMP, OSPF, IGRP, EIGRP, RIP, BOOTP, DHCP, ISIS, ZIP, DDP, X.25

Layer 2 – Data Link

• Responsible for the physical addressing of the network via MAC addresses
• There are two sublevels: MAC & LLC
• Has error detection, frame ordering and flow control
• User information maintained at this layer is called frames
• Security: Confidentiality
• Technology: Bridges, switches
• Protocols: L2F, PPTP, L2TP, PPP, SLIP, ARP, RARP, SLARP, IARP, SNAP, BAP, CHAP, LCP, LZS, MLP, Frame Relay, Annex A, Annex D, HDLC, BPDU, LAPD, ISL, ,MAC, Ethernet, Token Ring, FDDI

Layer 1 – Physical

• Responsible for the physical transmission of the binary digits through the physical medium
• Includes things such as the physical cables, interfaces and data rate specifications
• User information maintained at this layer is called bits
• Security: Confidentiality
• Technology: ISDN, Hubs, Repeaters, Cables

Pulled from the Improv Everywhere website:

The 9th Annual No Pants Subway Ride went off without a hitch today in New York. It’s tough to count, but we’re guessing we had around 3,000 participants. Riders met at meeting points spread out all over the city and converged on Union Square. The high was 28 degrees.

In any case, not much really has happened in the past several weeks. I still haven’t seen Avatar (probably won’t see it til it comes out on video). Most of you would probably be saying, you don’t know what you’re missing. You should see it on 3D… Yada-yada-yada… Dunno, but I don’t really think it’s that big of a deal, I guess I’m one of the few out there. I prefer having a quiet, relaxing in my couch, watching a good story line over any movie that is over-hyped with effects and explosives.  Not much of a movie geek to begin with. Don’t get me wrong, I like movies, but I don’t go bonkers over it. As a matter of fact, I like technology also, but you’ll never see camp out 3 weeks, 2 weeks or even 2 hours in advance in front of an Apple store awaiting the next iPhone release. Seriously, I just don’t get the point why someone would. Can someone explain?

Just rented “Up”, “Cloudy with a chance of meatballs” and “Transformers: Revenge of the Fallen” and I still have to put in Transformers in the DVD player. Yes, that bad… …

All that said, this being a tech/business blog I figured for the first full entry of 2010 I share some of the tech/biz news that has hit the web in the first 11 days of the second decade of the 21st century:

1. Google is discovering the their Midas touch may not be as good in the physical world as it is in the virtual world as they they tried to release their first consumer hardware: The Honeymoon is over.

2. New Year’s Resolution – “I will attend CES 2011.”: Computer Electronic Show

3. It takes an orange to spill the beans on an apple: I could care less, really.

4. Mark is my Big Brother: Sucker for Zuckerberg.

5. And tad-ta-ra-ra!!! Drumroll, please… Presenting Your New True Companion…: Can you say creepy?