In the course library, you can submit a course request with the course request list. This is our official tracking system that will allow you and others to see what has been requested and to vote it up.
This is will make sure it's seen within our company for course creation and to make sure that I don't forget to ask! :)
In the Accelerated CCNA R&S video, Enhanced Switching, Todd says that the designated port is determined by the BID. However, in CCNA Offical Cert Guide book and the Cisco documentation I've found (see below), the first check is based on the path cost between the switches, not the BID. Is Todd wrong or am I misunderstanding something?
From the Cisco documentation, page 15-3::
"A designated switch for each LAN segment is selected. The designated switch incurs the lowest path cost when forwarding packets from that LAN to the root switch. The port through which the designated switch is attached to the LAN is called the designated port."
I hope all is well. Let me see if I can help you out. First of all, the URL below will give you links to all of the documentation and information you need to understand the current options for using DNS in Azure.
Second, you may want to check out the show that I did on Azure that updates what you are watching with Mike. It is 70-533 Implementing Microsoft Azure Infrastructure Solutions. It has approx. 170 episodes and is approx. 90 hours of content. I am not suggesting that you watch it all, but there are several areas where we discuss DNS. The Implement Virtual Networks exam objective has DNS info and is a good place to start.
Take a look and let me know if you have any other questions.
Good Luck !!
I hope all is well. Great question !! The best place to start is with a definitive answer, which is a resounding "No", but...
Let me explain. There are no specific requirements that must be implemented in support of NIST SP 800-171 (R1), rather the document is a statement of Security Requirements that are then cross referenced against two distinct documents that offer relevant security controls, NIST SP 800-53 R4 and ISO/IEC 27001. As a result, the options available to implement the security controls are actually bounded by the two documents, which offer guidance and a selection of options, but no specific "must-do's".
For instance, in NIST SP 800-53R4 SC-28:
"PROTECTION OF INFORMATION AT REST
The information system protects the [Selection (one or more): confidentiality; integrity] of [Assignment: organization-defined information at rest].
Supplemental Guidance: This control addresses the confidentiality and integrity of information at rest and covers user information and system information. Information at rest refers to the state of information when it is located on storage devices as specific components of information systems. System-related information requiring protection includes, for example, configurations or rule sets for firewalls, gateways, intrusion detection/prevention systems, filtering routers, and authenticator content. Organizations may employ different mechanisms to achieve confidentiality and integrity protections, including the use of cryptographic mechanisms and file share scanning. Integrity protection can be achieved, for example, by implementing Write-Once-Read-Many (WORM) technologies. Organizations may also employ other security controls including, for example, secure off-line storage in lieu of online storage when adequate protection of information at rest cannot otherwise be achieved and/or continuous monitoring to identify malicious code at rest. Related controls: AC-3, AC-6, CA-7, CM-3, CM-5, CM-6, PE-3, SC-8, SC-13, SI-3, SI-7.
(1) PROTECTION OF INFORMATION AT REST | CRYPTOGRAPHIC PROTECTION The information system implements cryptographic mechanisms to prevent unauthorized disclosure and modification of [Assignment: organization-defined information] on [Assignment: organization-defined information system components]
Supplemental Guidance: Selection of cryptographic mechanisms is based on the need to protect the confidentiality and integrity of organizational information. The strength of mechanism is commensurate with the security category and/or classification of the information. This control enhancement applies to significant concentrations of digital media in organizational areas designated for media storage and also to limited quantities of media generally associated with information system components in operational environments (e.g., portable storage devices, mobile devices). Organizations have the flexibility to either encrypt all information on storage devices (i.e., full disk encryption) or encrypt specific data structures (e.g., files, records, or fields). Organizations employing cryptographic mechanisms to protect information at rest also consider cryptographic key management solutions. Related controls: AC-19, SC-12.
(2) PROTECTION OF INFORMATION AT REST | OFF-LINE STORAGE The organization removes from online storage and stores off-line in a secure location [Assignment: organization-defined information].
Supplemental Guidance: Removing organizational information from online information system storage to off-line storage eliminates the possibility of individuals gaining unauthorized access to the information through a network. Therefore, organizations may choose to move information to off-line storage in lieu of protecting such information in online storage."
Based on the above, you see two things:
A cross referencing of additional controls that offer guidance, and in some cases options on what approaches may be implemented
Options presented in the supplemental guidance section(s) that offer possibilities, but not specific declarative "must-do" statements.
The goal of NIST SP 800-171 R1 is to "provide a set of recommended security requirements for protecting the confidentiality of CUI when such information is resident in nonfederal systems and organizations; when the nonfederal organization is not collecting or maintaining information on behalf of a federal agency or using or operating a system on behalf of an agency; and where there are no specific safeguarding requirements for protecting the confidentiality of CUI prescribed by the authorizing law, regulation, or government wide policy for the CUI category or subcategory listed in the CUI Registry. The security requirements apply to all components of nonfederal systems and organizations that process, store, or transmit CUI, or that provide security protection for such components. The requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations."
The key words: "provide a set of recommended security requirements" It's all about the options in other words, and they will vary, and be contextual, and may or may not be implemented the same way across organizations.
Hope that helps.
IT Service Managment
The ITIL Foundation course available on ITProTV is an excellent resource with a pass rate of greater than 98%. To supplement this course, the "Passing your ITIL Foundation Exam" book and the "ITIL Foundation Pocket Guide" are two excellent complements to the course. Both of these are available through PassionIT Group in Adobe Digital Editions format.