Memorizing these 500-901 Exam Cram is sufficient to pass the exam.

We are doing an extraordinary battle to offer you genuine Cisco Data Center Unified Computing Infrastructure Design test questions and responses, alongside clarifications. Each 500-901 real questions on has been checked and approved by our 500-901 specialists. They are qualified and confirmed individuals, who have a seriously long encounter seen with the Cisco certificates. They really look at the 500-901 Exam Questions according to study guide.

Exam Code: 500-901 Practice exam 2023 by team
500-901 Cisco Data Center Unified Computing Infrastructure Design

Exam Details:
- Number of Questions: The Cisco Data Center Unified Computing Infrastructure Design (DCICN) exam typically consists of around 65 to 75 multiple-choice and multiple-answer questions. The exact number of questions may vary.

- Time: Candidates are given 90 minutes to complete the exam. It is important to manage time effectively to ensure all questions are answered within the allocated time.

Course Outline:
The Cisco DCICN exam focuses on validating the knowledge and skills required to design Cisco Data Center Unified Computing Infrastructure solutions. The exam covers various subjects related to data center infrastructure design. While the specific course outline may vary, the exam generally covers the following key areas:

1. Data Center Compute:
- Designing compute platforms for data centers.
- Understanding different compute technologies, such as blade servers, rack servers, and modular servers.
- Designing high-availability compute solutions.

2. Data Center Networking:
- Designing network infrastructure for data centers.
- Understanding data center networking technologies, such as LAN, WAN, and fabric networking.
- Designing network redundancy and high availability.

3. Data Center Storage:
- Designing storage infrastructure for data centers.
- Understanding different storage technologies, such as SAN, NAS, and object storage.
- Designing storage redundancy and high availability.

4. Data Center Virtualization:
- Designing virtualization solutions for data centers.
- Understanding virtualization technologies, such as server virtualization and network virtualization.
- Designing highly available and scalable virtualized environments.

5. Data Center Automation and Orchestration:
- Designing automation and orchestration solutions for data centers.
- Understanding automation technologies, such as scripts and APIs.
- Designing self-service portals and resource provisioning workflows.

Exam Objectives:
The objectives of the Cisco DCICN exam typically include:
- Assessing the candidate's understanding of data center compute technologies and their design considerations.
- Evaluating the candidate's knowledge of data center networking technologies and their design principles.
- Testing the candidate's proficiency in data center storage design and high availability.
- Assessing the candidate's understanding of data center virtualization technologies and their design considerations.
- Evaluating the candidate's knowledge of data center automation and orchestration solutions.

Exam Syllabus:
The specific exam syllabus for the Cisco Data Center Unified Computing Infrastructure Design exam may vary, but it generally includes the following topics:

1. Compute Design:
- Compute technologies
- High-availability compute solutions

2. Network Design:
- Data center networking technologies
- Network redundancy and high availability

3. Storage Design:
- Storage technologies
- Storage redundancy and high availability

4. Virtualization Design:
- Virtualization technologies
- Highly available and scalable virtualized environments

5. Automation and Orchestration Design:
- Automation technologies
- Self-service portals and resource provisioning workflows
Cisco Data Center Unified Computing Infrastructure Design
Cisco Infrastructure pdf
Killexams : Cisco Infrastructure pdf - BingNews Search results Killexams : Cisco Infrastructure pdf - BingNews Killexams : Technical Report: Cisco Incident Control System Click Here To Download:
Technical Report: Incident Control

To combat the ever-increasing virus threats, Cisco Systems® and Trend Micro have embarked on a joint initiative to offer the industry a higher level of protection against network threats and a higher class of service, in the form of real-time threat mitigation. Through this joint effort, Cisco® and Trend Micro bring a powerful new solution to security professionals: the Cisco Incident Control System (ICS). At the core of the Cisco ICS solution is the Cisco ICS server, software that acts as the administrative and delivery center and allows Cisco customers to deploy rapid-response mitigation policies to a large variety of Cisco network devices. Cisco ICS effectively and rapidly allows these network devices to mitigate and prevent newly discovered outbreak-related threats from entering the network.

The Cisco ICS solution's holistic approach and awareness of the network, coupled with TrendLabs' unparalleled threat expertise and response capabilities, make Cisco ICS a valuable addition to the Cisco Services for IPS service offering. Cisco ICS is uniquely effective at preventing virus threats from entering and propagating across the network, as well as eradicating them in the event of limited incursion. Cisco ICS provides the entire network with near-immediate awareness and response capabilities to new threats, allowing a Cisco infrastructure of devices to act as mitigation points more quickly than ever before.

Click Here To Download:
Technical Report: Incident Control
Mon, 08 Nov 2021 00:29:00 -0600 text/html
Killexams : Learn The Infrastructure Of The Internet With This Cisco Training Bundle

The modern world thrives on the internet, even if there are some bizarre unintended consequences from tying everything to an Ethernet cable or wireless signal. And as networks grow, the demand for people who know how to design, build, maintain, and protect them becomes even more important. The 2021 Cisco CCNA & CCNP Certification Training Bundle will get you the certifications you need to become a professional network engineer.

Both certifications were created by the networking company Cisco as they realized their products were becoming more complex, while educational materials weren't keeping up. For IT professionals, that's meant getting two key certifications, starting with the Cisco Certified Network Associate certification, or CCNA. Tied to the #200-301 exam, a CCNA certifies that you're able to set up, run, and maintain a network for a small or medium-sized business.

The first course in this bundle explores that in detail with 150 lectures across nearly 47 hours discussing routing protocols, WAN technology, device monitoring and management and security fundamentals. Whether you're new to IT or just want to update your skills, it's perfect for all levels.

Then the bundle turns to the Cisco Certified Network Professional certification, or CCNP. This expands on what you learned in the CCNA course to apply it to much larger networks, adding network architecture lessons, how to employ virtualization for users, and network infrastructure and assurance. Even if you're not going for your CCNP, it's information worth knowing for any IT professional or engineer who will deals with networks.

Courses are run by ITU Online Training, which has won a ton of industry awards, including honors at the Best in Biz Awards and the Cybersecurity Excellence Awards.

The demand for IT networking professionals is only growing, and a certification will help you move forward in your career, or launch a new one. The 2021 Cisco CCNA & CCNP Certification Training Bundle is normally $198, yet right now you can save 74% and get both courses for just $49.99.

Prices subject to change.

Futurism fans: To create this content, a non-editorial team worked with an affiliate partner. We may collect a small commission on items purchased through this page. This post does not necessarily reflect the views or the endorsement of the editorial staff.

Mon, 14 Jun 2021 23:20:00 -0500 text/html
Killexams : Wireless Infrastructure Market to Reach USD 427.43 Billion by 2029 | At a CAGR of 11.27%

Key Companies Covered in Wireless Infrastructure Market are Capgemini Engineering (France) , Ciena Corporation (U.S.), Cisco Systems, Inc. (U.S.), D-Link Corporation (Taiwan), Fujitsu (Japan), Huawei Technologies co., Ltd. (China), NEC Corporation (Japan), NXP Semiconductor (Netherlands), Qualcomm Technologies Inc. (U.S.), ZTE Corporation (China), Telefonaktiebolaget LM Ericsson (Sweden), Nokia (Finland), SAMSUNG (South Korea), Mavenir (U.S.) and Other Key Player.

Wireless Infrastructure Market

Wireless Infrastructure Market Size

Pune, India, Aug. 21, 2023 (GLOBE NEWSWIRE) -- The global wireless infrastructure market size was valued at USD 202.43 billion in 2022 and is projected USD 427.43 billion by 2029. This growth is expected to occur at an impressive Compound Annual Growth Rate (CAGR) of 11.27% during the forecast period. The research report, titled "Wireless Infrastructure Market, 2023-2029," conducted by Fortune Business Insights™, delves deeply into these insights.

The analysis underscores a surge in demand for high-speed data within both residential and commercial sectors. This, in turn, is expected to drive investments across economies at varying stages of development, spanning from emerging to advanced. A noteworthy trend is the increasing interest in satellite-based connectivity, particularly within the marine and defense sectors. This trend is poised to attract investments in this particular segment. Additionally, there is a positive outlook regarding investments in 5G technology, indicating promising growth prospects in the forthcoming years.

Get a Free sample Research Report:

List of Key Players Profiled in the Wireless Infrastructure Market Report:

  • Capgemini Engineering (France)

  • Ciena Corporation (U.S.)

  • Cisco Systems, Inc. (U.S.)

  • D-Link Corporation (Taiwan)

  • Fujitsu (Japan)

  • Huawei Technologies co., Ltd. (China)

  • NEC Corporation (Japan)

  • NXP Semiconductor (Netherlands)

  • Qualcomm Technologies Inc. (U.S.)

  • ZTE Corporation (China)

  • Telefonaktiebolaget LM Ericsson (Sweden)

  • Nokia (Finland)

  • SAMSUNG (South Korea)

  • Mavenir (U.S.)

Report Scope & Segmentation:

Report Coverage


Forecast Period


Forecast CAGR


2029 Value Projection

USD 427.43 Billion

Market Size in 2022

USD 202.43 Billion

Historical Data


No. of Pages


Report Coverage

Revenue Forecast, Company Profiles, Competitive Landscape, Growth Factors and Latest Trends

Segments Covered

Regions Covered

  • North America

  • Europe

  • Asia Pacific

  • South America

  • Middle East and Africa

Wireless Infrastructure Market Growth Drivers

Increase in Demand for High-speed Internet Connectivity to Drive the Market Growth

Growing Adoption of IoT-based Electronics Devices Boosts the Growth of the Market

Browse Detailed Summary of Research Report with TOC:


5G Connectivity to Remain Dominant with Rising Demand for High Speed

In terms of connectivity, the market is segregated into 3G, 2G, 4G & LTE, 5G, and satellite. The 5G segment will grow at a robust rate due to rising demand for broader connections, high speed, and low latency. Growing usage of smart devices will further propel the demand for 5G technology.

Macro-cell to be Sought-after to Boost IoT, Mobile Device Coverage

With respect to infrastructure, the market is segregated into small cell, mobile core, carrier Wi-Fi, macro-cells, SATCOM, Radio Access Network (RAN), Distributed Antenna System (DAS), cloud RAN, and backhaul. The macro-cells segment will observe a notable CAGR during the forecast period, largely due to the need to boost mobile device, smartphone, and IoT device coverage.

Government & Defense Sector to Exhibit Profound Demand with Rising Investments in Military Domain

On the basis of the platform, the market is classified into commercial and government & defense. The government & defense segment is further subdivided into homeland security, defense, and government institutions/agencies. The government & defense segment will grow due to soaring investments in the military and maritime sectors.

Russia-Ukraine War Impact

Strong Demand for Wireless Services Expedites Production

Demand for advanced telecommunication equipment became pronounced following Russia’s invasion of Ukraine. European countries exhibited an exponential demand for advanced telecommunication equipment for navigation and military communication services. Prominently, the demand for multi-platform anti-jamming antennas became noticeable to prevent intrusion and detection from enemies.

COVID-19 Impact

5G Deployment Witnessed Disruptions Amidst Pandemic

Supply chain disruptions across major economies had a telling impact on the 5G deployment. Leading companies postponed or canceled their projects. Meanwhile, robust policies favored the introduction of 5G and business automation. The expansion of wireless infrastructure became pronounced as companies strived to overcome challenges stemming from the COVID-19 pandemic.

Inquire Before Buying This Research Report:

Report Coverage

The report offers a comprehensive perspective of the market size, share, revenue, and volume. It has deep-dived into SWOT analysis. Quantitative and qualitative assessments have provided a holistic view of the market. The primary interviews validate assumptions, findings, and prevailing business scenarios. The report also includes secondary resources, such as annual reports, press releases, white papers, and journals.

Drivers and Restraints

The trend for IoT-based Electronic Devices to Drive Innovations

An exponential rise in data usage on defense vetronics and smartphones could spur the wireless infrastructure market share. Bullish demand for sensors, receivers, transmitters, and processors will augur well for the industry's growth. To illustrate, in October 2021, COMSovereign collaborated with Total Network Solutions (TNS) to explore how blockchain technology could Excellerate wireless network security in the U.S. Besides, soaring demand for advanced electronics devices in the aerospace and defense sector could expedite investments across the globe. However, prevailing concerns such as breaches of data privacy and network breach could impede the industry growth.

Regional Insights

North America to Provide Promising Opportunities with the Presence of Leading Companies

The U.S. and Canada could witness investments galore in the wake of the growing expansion of 5G networks and infusion of funds into the military and defense sectors. Increased demand for satellite connections will spur the demand for autonomous vehicle infrastructure will bode well for regional growth. Prominently, industrial automation could encourage leading companies to invest in North America.

Europe wireless infrastructure market growth will be pronounced with following the implementation of robust policies. Major companies, such as Deutsche Telekom, Ericsson, Inmarsat plc, and Three UK, are expected to expedite investments in advanced wireless infrastructure solutions.

The Asia Pacific market outlook will be strong on the back of the expansion of smartphone users across China, India, and Australia. Wireless communication devices are expected to be sought-after as the demand for higher-speed and low latency continues to surge across the region. It is worth noting that the digitalization of the maritime and defense sector will bode well for regional growth.

Competitive Landscape

Major Players Emphasize Meeting High Bandwidth Demand to Boost Portfolios

Leading companies are expected to invest in organic and inorganic strategies, including product launches, mergers & acquisitions, technological advancements, and R&D activities. Besides, major companies could invest in innovations and product offerings in the ensuing period.

Ask for Customization:

Detailed Table of Content:

  • Introduction

  • Executive Summary

  • Market Dynamics

    • Market Drivers

    • Market Restraints

    • Market Opportunities

  • Key Insights

    • Key Industry Developments –Mergers, Acquisitions and Partnerships

    • Latest technological Advancements

    • Porters Five Forces Analysis

    • Supply Chain Analysis

  • Quantitative Insights-Impact of COVID-19 Pandemic on Global Wireless Infrastructure Market

    • Impact of COVIC-19 Pandemic on the Global Wireless Infrastructure Market

    • Steps Taken by the Industry/Companies/Government to Overcome the Impact

    • Key Development in the Industry in Response to COVID-19 Impact

  • Global Wireless Infrastructure Market Analysis, Insights and Forecast, 2018-2029

    • Key Findings / Definitions

    • Market Analysis, Insights and Forecast – By Connectivity Type

      • 5G

      • 4G & LTE

      • 3G

      • 2G

      • Satellite

    • Market Analysis, Insights and Forecast – By Infrastructure Type

    • Market Analysis, Insights and Forecast – By Platform

      • Government & Defense

      • Commercial

    • Market Analysis, Insights and Forecast – By Region

      • North America

      • Europe

      • Asia pacific

      • The Middle East

      • Rest of the world

  • North America Wireless Infrastructure Market Analysis, Insights and Forecast, 2018-2029

    • Market Analysis, Insights and Forecast – By Connectivity Type

      • 5G

      • 4G & LTE

      • 3G

      • 2G

      • Satellite

    • Market Analysis, Insights and Forecast – By Infrastructure Type

    • Market Analysis, Insights and Forecast – By Platform

      • Government & Defense

      • Commercial

TOC Continued...!

Speak to Our Expert:

Key Industry Development

Read Related Insights:

Remote Sensing Satellite Market to Hit USD 29.19 Billion by 2030 | With a CAGR of 10.9%

Anti-Jamming Market Size Projected to Reach USD 8.28 Billion by 2029 | With a CAGR of 12.36%

Military Radar Market to Worth USD 22.06 Billion by 2028 | With 6.27% CAGR

About Us:

Fortune Business Insights™ delivers accurate data and innovative corporate analysis, helping organizations of all sizes make appropriate decisions. We tailor novel solutions for our clients, assisting them to address various challenges distinct to their businesses. Our aim is to empower them with holistic market intelligence, providing a granular overview of the market they are operating in.


Fortune Business Insights Pvt. Ltd.

9th Floor, Icon Tower, Baner,

Mahalunge Road, Baner, Pune - 411045,

Maharashtra, India.


US: +1 424 253 0390

UK: +44 2071 939123

APAC: +91 744 740 1245

Follow Us: LinkedIn | Facebook | Twitter


Sun, 20 Aug 2023 21:02:00 -0500 en-US text/html
Killexams : Cisco AppDynamics: 85% of tech experts say application observability is a strategic priority for managing cloud complexity

Presented by Cisco AppDynamics

Cloud native technologies might have improved speed to innovation, and offer greater agility, reliability and scalability — but these modern application architectures are posing serious challenges for IT departments across industries, according to recent research by Cisco AppDynamics for its latest report, “The Age of Application Observability.

Technologists say that 49% of their new innovation initiatives are being delivered with cloud native technologies. Cloud adoption promises to be aggressive across industries, with IT leaders expecting this figure to climb to 58% over the next five years. That means that the majority of new digital transformation programs will be built on cloud native technologies by 2028.

“These cloud native technologies are enabling IT teams to scale, to be able to take on more customers, to grow faster, and still maintain an optimized experience for the end user,” says Joe Byrne, executive CTO at Cisco AppDynamics. “But the rapid pace of adoption means technologists have been faced with challenges from both the tech front and the people front, and they’re struggling.”

A look at the challenge landscape

Attack surfaces are expanding, complexity is skyrocketing, and data keeps pouring in. Seventy-eight percent of technologists said the increased volume of data from multi-cloud and hybrid environments has made manual monitoring virtually impossible. The rigorous pace of adoption and the technical issues that follow in its wake has also meant tension in the IT department as silos form, and stress and higher churn is becoming increasingly common.

“The goal of the application observability report was to underscore the need for technologists to adapt to this new hybrid world,” Byrne says. “And the report was designed to provide a resource to these technologists first to let them know they’re not alone – these are common issues. But more importantly, to find solutions and next steps in managing and mitigating these issues going forward.”

Managing the fragmented IT state

The cloud and on-premises, hybrid nature of modern architectures means that traversing that entire ecosystem is crucial. As a result, new teams are formed to help manage the complexity – a cloud operations team to work with the network operations team, and both operations teams working separately from security.

But to effectively manage what is essentially a fragmented IT estate, 85% of technologists say that observability has to be a strategic priority for the organization going forward – a way to pull this telemetry together, correlate it, and deliver organizations insight into the crucial backend of their business. Bridging that gap takes not only tools and technology, but people and process changes and a cultural shift.

“Everybody needs to be on the same page when producing an application or an experience for the end user, who expects an optimized experience, whether that’s B2C or B2B,” Byrne says. “There’s a business KPI behind all software. Our goal is to ensure the software helps our customers achieve their goals, and thus helps the business achieve its KPIs. So, everyone must own a piece.”

Why these challenges are so intractable

“It’s new technology and new expectations bringing new problems,” Byrne says. “The old methodology of just validating that something is up and running isn’t good enough anymore. The idea of looking at the architecture as separate, isolated parts is not enough anymore. Now, it’s all about how is it all performing together, and what does the end result look like in terms of the experience? It’s a very different way of thinking. And it’s hard to get your head around it.”

It’s also the fact that the technology is moving at a rapid pace, as are the expectations of users, but processes and culture have always changed far more slowly. As a result, 36% of technologists said these issues are already contributing to a loss of their IT talent, which hamstrings teams and puts change on the backburner, in favor of firefighting – and 46% predict that churn is just going to increase if they don’t figure out a way to break down these silos and shift to a focus on observability, versus a monitoring solution.

Breaking down silos and obstacles

The goal of most organizations is to build an application that’s always on, can be used on any device, whenever and wherever the customer wants to use it — but that’s what is creating these challenges for technologists. It requires new technology, it requires rapid adoption and acceleration of digital initiatives, and it leaves skill gaps, a Frankenstein management and reporting structure made up of the old and new, a lack of shared vision and objectives, and a lack of unified data and technology that’s reinforcing these silos.

“IT leaders need to implement new ways of working across departments, and incentivizing and driving people to change their actions is an important one,” Byrne says, “whether it’s shared goals, shared bonuses, or increased compensation. But tool consolidation is also crucial.”

Bringing in unified tools that are integrated tightly and able to work together, versus every team using a completely different tool, can not only save the organization money, but also means each team is looking at the same charts and data points, speaking the same language, using the same methodologies.

“Then they start to understand how important it is to work together, how easy it can be,” he explains. “Then those silos start to get broken down.”

The people-centered value of application observability

Application observability serves as what should be a single source of truth. It brings together application information, network, infrastructure, performance, security and business data — and links that all together to deliver technologists the overall health of the application, and the ability to generate insights into the business transactions of users. For instance, in a retail application that might be a user logging in, searching, adding to cart, checking out, which together makes up the business journey.

“Understanding how those are related, what technologies are involved for each of those transactions that complete that journey, is important,” Byrne says. “We found that 88% of technologists say that observability with business context is really what’s going to enable them to become more strategic and spend more time on innovation.”

For example, the business data that comes from monitoring applications can be aggregated and elevated, so that you can build a dashboard showing the average sales per day, the average number of customers, conversions and other business metrics. With that data, technologists see how their optimization directly impacts the business. That could include a change in the code that auto-populates some data, or enables the task to use less data to minimize friction for purchases. And now instead of being seen this application observability as a cost center, the value of the work IT is doing is tied directly to the business.

“If you release code and then see that happen in a business dashboard, the technologists can say, my code, my application, my infrastructure did that, and now they understand how they directly impact business,” Byrne says. “With the ability to link what they’re doing, how they’re doing it, the performance of their teams along with code and architectures, to a business metric, comes pride of ownership. They feel like they have a seat at the table now, a bigger voice, and can help advance the business. That’s a huge opportunity.”

Implementing an application observability solution also means that engineers are spending more time writing code – what they want to be doing – and less time bug fixing or refactoring. Team members get to the root causes more quickly, are able to measure performance more easily, before code ever goes into production, which means fewer errors are sent out into the wild.

“What these technologists need is that solution, like Cisco’s full-stack observability (FSO) offering – that brings a broad range of telemetry together and making it understandable and usable in terms of fixing issues and moving forward,” he says. “That’s what’s so needed.”

Dig deeper: Read the full “The Age of Application Observability Report” here.

Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact
Mon, 31 Jul 2023 01:20:00 -0500 VB Staff en-US text/html
Killexams : Cyberattacks: What's in Your Wallet? Killexams : Cyberattacks: What's in Your Wallet? | Food Engineering Wed, 09 Aug 2023 15:59:00 -0500 en text/html Killexams : Oppenheimer Reiterates Cisco Systems (CSCO) Outperform Recommendation No result found, try new keyword!Fintel reports that on August 17, 2023, Oppenheimer reiterated coverage of Cisco Systems (NASDAQ:CSCO) with a Outperform recommendation. Analyst Price Forecast Suggests 7.17% Upside As of August 2, ... Thu, 17 Aug 2023 01:21:17 -0500 en-us text/html Killexams : Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack

At the Defcon security conference in Las Vegas last weekend, thousands of hackers competed in a red-team challenge to find flaws in generative AI chat platforms and help better secure these emerging systems. Meanwhile, researchers presented findings across the conference, including new discoveries about strategies to bypass a recent addition to Apple’s macOS that is supposed to flag potentially malicious software on your computer. 

Kids are facing a massive online scam campaign that targets them with fake offers and promotions related to the popular video games Fortnite and Roblox. And the racket all traces back to one rogue digital marketing company. The social media platform X, formerly Twitter, has been filing lawsuits and pursuing a strategic legal offensive to oppose researchers who study hate speech and online harassment using data from the social network.

On Thursday, an innovation agency within the US Department of Health and Human Services announced plans to fund research into digital defenses for health care infrastructure. The goal is to rapidly develop new tools that can protect US medical systems against ransomware attacks and other threats.

But wait, there’s more! Each week, we round up the stories we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

A large phishing campaign that’s been active since May has been targeting an array of companies with malicious QR codes in attempts to steal Microsoft account credentials. Notably, researchers from the security firm Cofense observed the attacks against “a major Energy company based in the US.” The campaign also targeted organizations in other industries, including finance, insurance, manufacturing, and tech. Malicious QR codes were used in nearly a third of the emails reviewed by researchers. QR codes have disadvantages in phishing, since victims need to be compelled to scan them for the attack to progress. But they make it more difficult for victims to evaluate the trustworthiness of the URL they’re clicking on, and it’s more likely that emails containing a QR code will reach their target, because it’s more difficult for spam filters to assess QR images included in an attachment like a PDF.

It’s common practice for attackers—both criminal actors and state-backed hackers—to scam or otherwise lure victims from a starting point of mainstream services like email, photo sharing, or social media. Now, research from the security firm Recorded Future attempts to categorize the types of malware most often distributed from these various jumping-off points, and which strategies are most common. The goal was to deliver defenders deeper insight into the services they need to prioritize securing. The review found that cloud platforms are the most used by attackers, but communication platforms like messaging apps, email, and social media are also widely abused. Pastebin, Google Drive, and Dropbox were all popular among attackers, as are Telegram and Discord.

In response to the “Downfall” Intel processor vulnerability disclosed by Google researchers last week, organizations have been releasing tailored fixes for the flaw. The bug could be exploited by an attacker to grab sensitive information like login credentials or encryption keys. Amazon Web Services, Google Cloud, Microsoft Azure, Cisco, Dell, Lenovo, VMWare, Linux distributions, and many others have all released guidance on responding to the vulnerability. Prior to public disclosure, Intel spent a year developing fixes to distribute across the industry and coordinating to encourage widespread patch release from individual vendors. 

Sat, 19 Aug 2023 01:00:00 -0500 en-US text/html
Killexams : Cisco Announces Innovations, Investments In Security Infrastructure; Expands Data Center Footprint In India No result found, try new keyword!Cisco has announced security innovations and investments in security infrastructure in the country to help organisations become more resilient and tackle cybersecurity risks in a hybrid world. Mon, 20 Mar 2023 02:02:00 -0500 en-US text/html Killexams : Patch Now: OpenNMS Bug Steals Data, Triggers Denial of Service

Maintainers of OpenNMS patched a high-severity vulnerability in both the community-supported and subscription-based versions of the widely used open source network monitoring software.

The XML external entity (XXE) injection vulnerability gives attackers a way to exfiltrate data from the OpenNMS file server system, send arbitrary HTTP requests to internal and external services, and trigger denial-of-service conditions on affected systems.

Platform Trusted by Cisco, GigaComm, Others

Researchers from Synopsys discovered the vulnerability in June and reported it to the maintainers of OpenNMS, who released a patch last week.

"CVE-2023-0871 impacts both Meridian and Horizon, the subscription-based and community-supported, respectively, versions of the OpenNMS network monitoring platform," says Ben Ronallo, vulnerability management engineer for Synopsys. "This platform is trusted by companies like Cisco, GigaComm, Savannah River Nuclear Solutions (SRNS), as well as others in CISA's Critical Infrastructure Sectors," he adds.

Organizations use OpenNMS to monitor their local and distributed networks for a variety of uses, including performance management, traffic monitoring, fault detection, and alarm generation. The Java-based platform supports the monitoring of both physical and virtual networks, applications, servers, business performance indications, and custom metrics.

The free version of OpenNMS Horizon is a community-driven project that includes many of the same features as the subscription-based OpenNMS Meridian version. However, it lacks the support and easier release and update cycles available with the subscription version.

Permissive XML Parser

According to Synopsys, CVE-2023-0871 stems from a permissive XML parser configuration that makes the parser prone to XML external entity attacks. An XML parser configuration is permissive if, for example, it allows external files and URLs to be referenced within XML. XXE vulnerabilities, like those discovered by Synopsys, allow an attacker to essentially interfere with an application's processing of XML data.

"CVE-2023-0871 is an XXE injection attack, which leverages the default credentials for the Realtime Console (RTC) REST API," Ronallo says. "This attack modifies trusted XML data by anticipating how the data is processed." This enables an attacker to potentially compromise other physical and/or virtual systems, view files on the system running the vulnerable app, or make HTTP requests to other systems via Server-Side Request Forgery (SSRF), he notes.

The OpenNMS project described the vulnerability as affecting OpenNMS Horizon 31.0.8 and versions prior to 32.0.2 on multiple platforms. The maintainers of the project urged organizations using affected versions of the software to update to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38, or Horizon 32.0.2 or newer. The alert reminded organizations not to make OpenNMS directly accessible over the Internet and to ensure that it is installed and used only with an organization's internal network.

"Assuming users of the platform adhere to OpenNMS' recommendation to only install within private networks, the likelihood of this attack succeeding is reduced to malicious insiders," Ronallo says. This could include a compromised user or a disgruntled employee. "However, if successfully exploited, this vulnerability could lead to system compromise."

CVE-2023-0871 is one of several vulnerabilities that researchers have uncovered in OpenNMS so far this year. Among the more serious of them are CVE-2023-0870, a cross-site request forgery issue with a CVSS score of 8.1, and present in multiple versions of OpenNMS Horizon and Meridian and CVE-2023-0846, an unauthenticated, cross-site scripting vulnerability in both OpenNMS versions.

Wed, 16 Aug 2023 12:59:00 -0500 en text/html
Killexams : Out of nowhere, India requires PC and server makers to get an import license No result found, try new keyword!The unheralded move, announced in a slightly off-center scanned PDF from the Ministry of Commerce and Industry ... a billion dollars worth of servers in India over five years, and Cisco has promised ... Thu, 03 Aug 2023 14:33:00 -0500 en-us text/html
500-901 exam dump and training guide direct download
Training Exams List