CCNA Security Exam Tutorial:When It’s Good To Add Salt
When you started studying for your CCNA certification exam, one of the very first things you learned was the major difference between the enable password and the enable secret – the enable secret is encrypted by default, where the enable password is just sitting there in clear text, waiting to be read!
When you look at the enable secret in a Cisco router configuration, it looks like it would be impossible to guess. 640-802:Cisco Certified Network Associate(CCNA) After setting the enable secret on this router to the word security, here’s how it appears in the configuration:enable secret 5 $1$24me$gVFxUOI4gYp0IQbhtH8Rz0.That password has been encrypted by MD5, the Message Digest 5 algorithm. The result of the MD5 algorithm being applied to the password is a 32-character hexadecimal value.
That password is hard to guess, but not terribly hard to crack. Anyone looking over your shoulder would not be able to come up with that password, but there are readily-available password cracking software devices that can crack that encryption in a matter of minutes. That’s true of any MD5-encrypted password, not just those on Cisco routers.So what can we do about this? We can add SALT to our MD5.
The salt itself is simply a string of random characters that are added to the encryption process. Salting makes it much more difficult for a hacker to come up with the password; each bit added by the salt process literally makes it twice as difficult for the password to be compromised. A recent Wikipedia entry states that if a password was one of 200,000 words, a 32-bit salt would require 800 trillion hashes for a full-blown brute force attack.
The actual creation and application of a salt is beyond the scope of the CCNA Security exam, but once you’ve earned that valuable certification – or maybe while you’re preparing for it – do a Google search on “salt md5” and read up on this powerful security tool. In the meantime, look for more CCNA Security tutorials on the site you’re on now as well as my website!
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over 100 free certification exam tutorials, including Cisco CCNA certification test prep articles. His exclusive Cisco CCNA study guide and Cisco CCNA training is also available! Visit his blog and sign up for Cisco Certification Central, a daily newsletter packed with CCNA, Network+, Security+, A+, and CCNP certification exam practice questions! A free 7-part course, “How To Pass The CCNA”, is also available, and you can attend an in-person or online CCNA boot camp with The Bryant Advantage!
SAS Certified Data Integration Developer for SAS 9 Credential A00-260考試要求考生在2小時內完成71道選擇題,并達到67%就可以獲取考試!考生在全球的Prometric考試中心注冊報名并參加考試!在SAS數據整合開發 SAS9考試將測試考生的能力,運用SAS環境發展必要的數據集成的知識的技能。
成功的SAS 9 Credential A00-260考生應熟練掌握SAS商業分析定義架構的平台;創建元數據的源和目標數據;創建目標數據的元數據和作業;使用表和表裝載機轉型;定義生成的轉換;部署工作等技術。
SAS 9 A00-260考試內容主要包括:定義架構的平台,SAS商業分析; 描述了可用的接口;SAS定義的變更管理功能數據整合工作室;討論 DataFlux集成服務器;創建元數據的源和目標數據;定義要執行的管理任務為 SAS數據整合工作室;描述新庫嚮導;使用註冊登記表嚮導源數據。… Continue reading
獲得項IBM lotus方面的認證顯得尤為重要。IBM LOT-737考試是IBM Lotus 公司的Using LotusScript in IBM Lotus Domino 7 Applications認證考試官方代號,意在通過這項認證提高技術人員各方面的能力。
一般考認證兩個目的,一來是學習產品知識,二來通過認證,得到一個可以證明自己能力的東西用來學習的材料首推Killtest題庫,非常全面。… Continue reading
nncds-alteon 認證作為全球IT領域專家 Nortel 熱門認證之一,是許多大中IT企業選擇人才標準的必備條件。920-241 考試是 Nortel 公司的 nncds-alteon 認證考試官方代號,TestInside 的 920-241 權威考試題庫軟體是 Nortel 認證廠商的授權產品,Killtest 絕對保證第一次參加 920-241 考試的考生即可順利通過,否則承諾全額退款!… Continue reading