Click and download 500-701 exam Practice Test and Latest Topics to pass actual test. known as high recognition of serving people to pass the 500-701 test of their very first attempt. We have very sensitive position among several exam braindumps suppliers. We maintain of quality by updating 500-701 real questions on regular basis and check the validity of 500-701 free pdf download on regular basis.

Home > Practice Tests > 500-701

500-701 Cisco Video Infrastructure Design (VID) Practice Test |

500-701 Practice Test - Cisco Video Infrastructure Design (VID) Updated: 2024

Searching for 500-701 exam dumps that works in real exam?
Exam Code: 500-701 Cisco Video Infrastructure Design (VID) Practice Test January 2024 by team

500-701 Cisco Video Infrastructure Design (VID)

The Cisco Video Infrastructure Design (VID) version 1.0 Cisco® Training on Demand course is designed for individuals that install and support the Cisco Expressway™ video network solution. You will learn how to install, configure, operate, and maintain core visual communication components, including Cisco TelePresence® endpoints, and to integrate on-premises solutions with cloud solutions, meeting solutions, and management software.

You also learn about Cisco Meeting Server and the Cisco Collaboration Meeting Rooms (CMR) Cloud solution and how you can deploy large-scale telepresence conferencing quickly using Cisco TelePresence Management Suite (TMS). Youll be introduced to Cisco WebEx® and Cisco Spark™, and will learn how to administer Cisco Spark and how Cisco Spark integrates with Cisco Expressway. In addition, you gain an understanding of the APIs and automation features of Cisco Meeting Server and Cisco Spark.

Upon completion of this course, you should be able to:

● Define Cisco TelePresence solutions components and architecture

● Understand Cisco TelePresence Video Communication Server (Expressway) for basic and advanced video networks

● Understand Cisco TelePresence Management Suite (TMS)

● Define Cisco Meeting Server features

● Describe the integration of Cisco collaboration on-premises solutions with Cisco Cloud

● Demonstrate how Cisco TelePresence Content Server (TCS) interacts with other products within Ciscos TelePresence solution

Course Prerequisites

The knowledge and skills necessary before attending this course are:

● Basic computer and IP network literacy

● Basic knowledge of video conferencing and streaming fundamentals Course Outline

● Section 1: Cisco Video Network Solutions

● Section 2: Cisco Endpoints Overview

● Section 3: Cisco Expressway Basic Setup

● Section 4: Components of Cisco Expressway Security

● Section 5: Call Control on a Cisco Expressway

● Section 6: Fundamentals of Subzones and Zones on Cisco Expressway

● Section 7: Clustering on the Cisco Expressway

● Section 8: Cisco Meeting Server Features and Capabilities

● Section 9: Cisco Meeting Server API

● Section 10: Cisco Meeting Server Resilient and Scalable Deployments

● Section 11: Additional Features with Cisco Meeting Server

● Section 12: Cisco CMR Cloud, Premises, and Hybrid Products

● Section 13: Cisco TelePresence Server and Cisco TelePresence Conductor

● Section 14: Cisco TMS Solution

● Section 15: Cisco WebEx and Spark Cloud Solutions

● Section 16: Cisco Spark Administration

● Section 17: Cisco Spark Hybrid Services

● Section 18: Cisco Spark APIs and BOTs
Cisco Video Infrastructure Design (VID)
Cisco Infrastructure Practice Test

Other Cisco exams

010-151 Cisco Certified Technician (CCT) for Data Center
500-275 Securing Cisco Networks with Sourcefire FireAMP Endpoints
CICSP Cisco IronPort Certified Security Professional
600-455 Deploying Cisco Unified Contact Center Enterprise (DUCCE)
500-210 SP Optical Technology Field Engineer Representative
500-052 Deploying Cisco Unified Contact Center Express (UCCXD)
500-651 Security Architecture for Systems Engineer (SASE)
500-701 Cisco Video Infrastructure Design (VID)
500-301 Cisco Cloud Collaboration Solutions
500-551 Cisco Networking: On-Premise and Cloud Solutions
700-020 Cisco Video Sales Essentials
500-710 Cisco Video Infrastructure Implementation
700-105 Cisco Midsize Collaboration Solutions for Account Managers
500-325 Cisco Collaboration Servers and Appliances
500-490 Designing Cisco Enterprise Networks
500-470 Cisco Enterprise Networks SDA, SDWAN and ISE Exam for System Engineers
500-901 Cisco Data Center Unified Computing Infrastructure Design
500-230 Cisco Service Provider Routing Field Engineer
700-150 Introduction to Cisco Sales
700-651 Cisco Collaboration Architecture Sales Essentials
700-751 Cisco SMB Product and Positioning Technical Overview (SMBSE)
300-410 Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)
300-415 Implementing Cisco SD-WAN Solutions (ENSDWI)
300-420 Designing Cisco Enterprise Networks (ENSLD)
300-425 Designing Cisco Enterprise Wireless Networks (ENWLSD)
300-430 Implementing Cisco Enterprise Wireless Networks (ENWLSI) 2023
300-435 Automating Cisco Enterprise Solutions (ENAUTO)
300-510 Implementing Cisco Service Provider Advanced Routing Solutions (SPRI)
300-610 Designing Cisco Data Center Infrastructure (DCID)
300-615 Troubleshooting Cisco Data Center Infrastructure (DCIT)
300-620 Implementing Cisco Application Centric Infrastructure (DCACI)
300-635 Automating Cisco Data Center Solutions (DCAUTO)
300-810 Implementing Cisco Collaboration Applications (CLICA)
300-815 Implementing Cisco Advanced Call Control and Mobility Services (CLACCM) - CCNP
300-910 Implementing DevOps Solutions and Practices using Cisco Platforms (DEVOPS)
300-920 Developing Applications for Cisco Webex and Webex Devices (DEVWBX)
350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR)
350-501 Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR)
350-601 Implementing Cisco Data Center Core Technologies (DCCOR)
350-701 Implementing and Operating Cisco Security Core Technologies (SCOR)
350-801 Implementing Cisco Collaboration Core Technologies (CLCOR)
350-901 Developing Applications using Cisco Core Platforms and APIs (DEVCOR)
500-215 SP Mobility Technology Systems Engineer Representative
200-301 Cisco Certified Network Associate - CCNA 2023
100-490 Cisco Certified Technician Routing & Switching (RSTECH)
200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
200-901 DevNet Associate (DEVASC)
300-535 Automating Cisco Service Provider Solutions (SPAUTO)
300-710 Securing Networks with Cisco Firepower
300-715 Implementing and Configuring Cisco Identity Services Engine
300-720 Securing Email with Cisco Email Security Appliance
300-725 Securing the Web with Cisco Web Security Appliance (SWSA)
300-730 Implementing Secure Solutions with Virtual Private Networks
300-735 Automating Cisco Security Solutions (SAUTO)
300-820 Implementing Cisco Collaboration Cloud and Edge Solutions
300-835 Automating Cisco Collaboration Solutions (CLAUTO)
500-440 Designing Cisco Unified Contact Center Enterprise (UCCED)
600-660 Implementing Cisco Application Centric Infrastructure - Advanced
300-515 Implementing Cisco Service Provider VPN Services (SPVI)
300-915 Developing Solutions Using Cisco IoT and Edge Platforms (DEVIOT)
300-215 Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies (CBRFIR)
350-201 Performing CyberOps Using Core Security Technologies (CBRCOR)
500-240 Cisco Mobile Backhaul for Field Engineers (CMBFE)
700-765 Cisco Security Architecture for System Engineers
820-605 Cisco Customer Success Manager (CSM)
700-805 Cisco Renewals Manager (CRM)
500-452 Cisco Enterprise Networks Core and WAN (ENCWE)
700-760 Cisco Security Architecture for Account Managers
700-680 Cisco Collaboration SaaS Authorization (CSaaS)
700-846 Cisco IoT Advantage for Account Managers (IOTAAM)?
500-451 Cisco Enterprise Networks Unified Access Exam (ENUAE)
500-920 Cisco Data Center Unified Computing Infrastructure Troubleshooting (DCITUC)
500-220 Cisco Meraki Solutions Specialist (ECMS)
500-560 Cisco Networking: On-Premise and Cloud Solutions
500-445 Cisco Contact Center Enterprise Chat and Email (CCECE)
500-442 Administering Cisco Contact Center Enterprise (CCEA)
500-265 Cisco Advanced Security Architecture System Engineer (ASASE)
700-755 Small Business Technical Overview (SBTO)
500-444 Cisco Contact Center Enterprise Implementation and Troubleshooting (CCEIT)
500-443 Advanced Administration and Reporting of Contact Center Enterprise (CCEAAR)

Generally, good and updated websites offering 500-701 dumps are very few. All others are resellers. At, we have our own resources to get 500-701 real exam questions. Our 500-701 exam simulator is best to improve your knowledge about the topics of 500-701 exam. Searching free 500-701 PDF on internet is waste of time and money. Keep in mind, there is no good quality thing which is free on internet.
Cisco Video Infrastructure Design
Question: 62
Which is an administrative function Cisco Spark Partner resellers are allowed to perform
from the Cisco Spain Management portal?
A. Determine role-based access and view usage reports.
B. Enable Single Sign-On and Directory sync through corporate LDAP services on
C. Determine Single Sign-On customer usage reports.
D. Customer account management.
Answer: D
Question: 63
Which product is a Call Control Server that supports both voice and video
A. Cisco Telepresence Management Suite
B. Cisco Content Server
C. Cisco Meeting Server
D. Cisco Unified Communications Manager
Answer: D
Question: 64
What protocol does an Expressway use to send the can setup message in an H.323 call?
A. H.245
B. H.239
C. T.120
D. Q.931
Answer: B
Question: 65
Which Cisco WebEx Products can support over 5000 attendees?
A. Cisco WebEx Training Center
B. Cisco WebEx Event Center
C. Cisco WebEx Support Center
D. Cisco WebEx Meeting Center
Answer: B
Question: 66
What is a function of a management solution?
A. To join 3 or more participants in a meeting
B. To provide an audio and video interface for the user
C. To act as a traffic cop for network communication
D. To schedule calls
Answer: B
Question: 67
Which Cisco Meeting Server component is used for traversal?
A. TURN Server
B. Recorder
C. SIP Edge
D. Database
Answer: A
Question: 68
Which ports are used for SIP calling on the Expressway?
A. 5060 and 5061
B. 164 and 323
C. 80 and 443
D. 1719 and 1720
Answer: D
Question: 69
What is a primary purpose of the Traversal Subzone?
A. To enable firewall traversal between public and private endpoints.
B. To provide for Mobile Remote Access for endpoints outside the network.
C. To apply bandwidth restrictions on traversal calls.
D. To encrypt traversal calls to neighbored Expressways.
Answer: C
Question: 70
Which is a configuration mode through Cisco Spark that allows Zero Touch Meetings
(ZTM) and allows a user to utilize their enterprise phone as the audio or video terminal
for Spark calls?
A. Call Service Connect
B. Calendar Service
C. Directory Service
D. Call Connector
Answer: D
For More exams visit
Kill your exam at First Attempt....Guaranteed!

Cisco Infrastructure Practice Test - BingNews Search results Cisco Infrastructure Practice Test - BingNews Placement Test Practice Placement Test Practice

Being prepared is the best way to ease the stress of test taking. If you are having difficulty scheduling your Placement Test, please contact the UNG Testing Office.

If you have a red yes in any Placement Test Required row on your Check Application Status page in Banner, read the information below relating to the area in which you have the red yes.

Establishing Connection...

Wed, 13 Jul 2022 09:51:00 -0500 en text/html
Navigating the World of IT Certifications: The Role of Practice Tests and the Pitfalls of Exam Dumps with Microsoft, Cisco, and CompTIA No result found, try new keyword!This article explores the importance of practice tests in achieving Microsoft, Cisco, and CompTIA certifications ... for their emphasis on networking and infrastructure proficiency. Wed, 29 Nov 2023 09:59:00 -0600 en-us text/html Best IT Certifications for 2024

Earning specialized certifications is a surefire way to advance your career in the IT field, regardless of industry or current career level. The right certification validates your skills and knowledge, which makes you more desirable to future employers who want to attract and retain the best employees. Below, we’ll explore the top IT certifications and share how to examine your goals to choose the right path forward. 

We’ve narrowed IT certifications into specific categories to help IT professionals assess what’s available and pursue the best certifications to show their willingness to learn and develop the in-demand career skills employers want.

Best database certifications 

Database platforms have changed greatly over the years, but database technology remains important for various applications and computing tasks. Available certifications for IT professionals include those for database administrators (DBAs), database developers, data analysts and architects, business intelligence, and data warehousing specialists, and other data professionals.

Obtaining database certifications demonstrates an understanding of database concepts, design, implementation, administration and security. This can boost your credibility in the job market and show potential employers that you have the skills needed to work with databases. The best database certifications include the following:

Best SAS certifications 

SAS is one of the world’s leading firms for business analytics, data warehousing and data mining. Today, the SAS Global Certification Program offers 23 credentials across categories including foundation tools, advanced analytics, business intelligence, data management and administration.

SAS programmers remain in high demand, with a quick search of job boards showing thousands of open positions. Obtaining SAS certification shows employers that you are proficient in the company’s popular suite of tools. Some of SAS’s certification programs include the following: 

Many professionals earn certifications to help navigate their career paths. According to the IT Salary Report, 92 percent of information technology professionals have at least one certification.

Best Cisco certifications 

Cisco Systems is a market leader not only in networking and communications products, but also storage networking and solutions for data centers. Cisco offers a variety of certifications for IT professionals, ranging from entry level credentials to expert-level exams. 

These certifications prepare professionals for Cisco-related careers. A search of job boards reveals thousands of open positions for Cisco experts, underscoring the continued relevance of these skills. Some of Cisco’s certifications include the following:

Best Dell certifications 

Dell Technologies remains one of the world’s leading computing companies. In addition to its well-known hardware lineup, Dell also offers solutions for networks, storage, servers, gateways and embedded computing, as well as a broad range of IT and business services.

Becoming certified in Dell products can help make IT professionals competitive in engineering roles for server, virtualization, networking, systems, integration and data security. Additional roles include consultants, account executives, system administrators, IT managers and deployment managers.

Best mobility certifications 

In the mobile era, it has become increasingly important for network engineers to support local, remote and mobile users, as well as provide proper infrastructure. The focus on application and app development now leans more toward mobile environments, requiring security professionals to thoroughly address mobility from all perspectives.

Due to the fast-changing nature of mobile technology, not many mobility certifications have become widely adopted. However, a few of the top mobility certifications can help IT professionals stand out in this rapidly evolving field. 

If part of your job includes selling and implementing an IT solution, you may want to pursue the best sales certifications. You’ll show your organization that you’re willing to go above and beyond to reach sales targets.

Best computer hardware certifications 

As remote and computer-based work has become more common, it’s more important than ever that businesses and individuals be able to maintain their hardware. While discussions about potential computer-related jobs often revolve around software work and coding, jumping into the IT field by becoming a computer technician is an excellent starting point.

Today, thousands of hardware technician jobs are available across the country. Entering this industry becomes more accessible for those who acquire computer hardware certifications. These certifications can showcase your expertise and proficiency in the upkeep of computers, mobile devices, printers and other hardware components.

Best Google Cloud certifications 

IT pros with solid cloud computing skills continue to be in high demand as more companies adopt cloud technologies. Today, Google Cloud is one of the market leaders in the cloud computing space. 

Regardless of where you are in your IT career, engaging with certification programs can demonstrate your willingness to keep on top of rapidly evolving cloud technologies. To that end, Google has introduced a host of certifications for its cloud platform, including the following: 

Best evergreen IT certifications

In the fast-changing world of technology, it can help to focus on certifications that have stood the test of time. “Evergreen” refers to certifications that remain popular year after year. 

The top evergreen certifications are based on recent pay surveys in IT, reports from IT professionals about certifications they want or pursue the most, and those that appear most frequently in online job postings. Obtaining these credentials is one step toward ensuring that your skills remain relevant for a long time: 

Best IT governance certifications 

IT governance provides structure for aligning a company’s IT with its business strategies. Organizations faced with compliance rigors always need experienced IT pros who can see the big picture and understand technology risks. This means certified IT governance professionals are likely to remain in high demand.

Earning one of the following certifications proves a commitment to understanding the role of IT governance and its position in a company’s current and future success. Getting certified can validate your expert knowledge and lead to advanced career opportunities.

Best system administrator certifications 

An IT system administrator is responsible for managing and maintaining the information technology infrastructure within an organization. The position demands sought-after career skills, ranging from configuring and maintaining servers and clients to managing access controls, network services, and addressing application resource requirements.

If you’re in charge of managing modern servers, there’s a long list of tools and technologies that system administrators must master. Obtaining some of the most prominent system administrator certifications can demonstrate your mastery to potential employers. 

Best ITIL certifications 

ITIL, or Information Technology Infrastructure Library, was developed to establish standardized best practices for IT services within government agencies. Over the ensuing four decades, businesses of all types embraced, modified, and extended ITIL, shaping it into a comprehensive framework for managing IT service delivery. 

The ITIL framework remains the benchmark for best practices in IT service and delivery management, offering certification programs that cater to IT professionals at all levels. These training and certification courses ensure that IT professionals stay well-prepared for the ongoing evolution in IT service delivery management. There are four certifications in the ITIL certification program:

Best enterprise architect certifications 

An IT enterprise architect is responsible for designing and managing the overall structure and framework of an organization’s information technology system. Enterprise architect certifications are among the highest that an IT professional can achieve; fewer than 1 percent ultimately reach this level. 

Enterprise architects are among the highest-paid employees and consultants in the tech industry. These certifications can put IT professionals on a path to many lucrative positions. The average worker earns over six figures annually. Some top enterprise architect certifications are listed below:

To become an enterprise IT architect, you’ll need knowledge of systems deployment, design and architecture, as well as a strong business foundation.

Best CompTIA certifications

CompTIA is a nonprofit trade association made up of more than 2,000 member organizations and 3,000 business partners. The organization’s vendor-neutral certification program is one of the best recognized in the IT industry. Since CompTIA developed its A+ credential in 1993, it has issued more than two million certifications.

CompTIA certifications are grouped by skill set and focus on the real-world skills IT professionals need. Armed with these credentials, you can demonstrate that you know how to manage and support IT infrastructure. 

Best Oracle certifications 

A longtime leader in database software, Oracle also offers cloud solutions, servers, engineered systems, storage, and more. The company has more than 430,000 customers in 175 countries. 

Today, Oracle’s training program offers six certification levels that span 16 product categories with more than 200 individual credentials. Considering the depth and breadth of this program — and the number of Oracle customers — it’s no surprise that Oracle certifications are highly sought after. 

Vendor-specific certifications address a particular vendor’s hardware and software. For example, you can pursue Oracle certifications and Dell certifications to become an expert in those companies’ environments.

Best business continuity and disaster recovery certifications

Business continuity and disaster recovery keep systems running and data available in the event of interruptions or faults. These programs bring systems back to normal operation after a disaster has occurred.

Business continuity and disaster recovery certifications are seeing a healthy uptrend as new cloud-based tools grow in popularity. While business continuity planning and disaster recovery planning have always been essential, they’re becoming more critical than ever — and IT certifications are following suit.

Tue, 02 Jan 2024 09:59:00 -0600 en text/html Cisco, HP Duking It Out For Cloud Infrastructure Crown

Getting Into The Cloud Ring

Cisco Systems and Hewlett-Packard are neck and neck in the rapidly growing cloud infrastructure equipment market, with both companies owning just over 13 percent of the worldwide market share by revenue, according to new data from Synergy Research Group.

The networking giant has a clear lead in the public cloud infrastructure market, while HP is beating Cisco on the private cloud side. Synergy reports that total cloud infrastructure equipment revenues for the first quarter of the current fiscal year were more than $14.5 billion, representing a 25 percent year-over-year growth.

CRN spoke with Jeremy Duke, founder and chief analyst at Synergy, and solution providers about how the two rivals are leading the market and who will ultimately win.

Cisco Riding A 6 Percent Lead In Public Cloud

Cisco is leading the public cloud, with 15 percent of market share, followed by HP at 9 percent and Dell at 6 percent.

"Cisco is tied in with VCE around the vBlock technology, and Cisco is tied in with NetApp around FlexPod. They offer quick turn-key solutions to getting these types of things going. Not that HP doesn't offer them, but that's what gives Cisco an advantage," said a top executive at one Northeast solution provider who partners with HP and Cisco. "Telecoms are typically the ones building the bigger public clouds, and HP doesn't really play like Cisco in that telecom market."

The San Jose, Calif.-based networking giant's 6 percentage point market share lead over HP on the public side mainly stems from its already established share of the networking segment and its growing position in servers, according to Duke.

" Cisco has come from the initial infrastructure build-out of what we have now come to know as the Internet," said Duke. "For Cisco, a significant disruptive decision was to invest in blade servers, which was then followed with Cisco building specialized algorithms and ASICs to make servers, networking and storage work together optimally."

HP No. 2 In Public Cloud

Palo Alto, Calif.-based HP holds the No. 2 spot in the public cloud, with 9 percent.

HP touts its Helion Public Cloud as a transparent, enterprise-grade public cloud based on OpenStack technology, offering pay-as-you-go cloud services for computing and storage infrastructure as well as platform services.

"Helion has a great message, [but it's] not practical," said another executive solution provider on CRN's Solution Provider 500 list who partners with Cisco and HP. "I don't know of many true Helion deployments."

HP created a scare in the partner community after The New York Times reported that the company would be "ceding" public cloud market. Although executives later denied the report, partners are also wondering if HP's splitting into two companies will have an impact on the enterprise market.

"Since HP's No. 2 here, there's no need to panic, but I'm wondering what they're going to look like in this [space] in a year," said the SP500 executive. "We're all hoping the split-up goes through smoothly."

HP Winning Private Cloud By 5 Percent

HP is in the No. 1 spot when it comes to the share of private cloud infrastructure, owning 16 percent of the market, followed by Microsoft with 13 percent share, then Cisco at 11 percent.

The company's private cloud dominance is the result of its strong legacy as an enterprise server vendor, said Duke.

"HP has been a strong foundational part of private enterprise and SMB IT infrastructure for decades, with HP's flagship data center and cloud offering being based around server computing," said Duke.

"For organizations that are truly building their own private cloud internally -- they may be building on things like OpenStack or Linux KVM -- those types of technologies, the commodity hardware that HP has plays much better than the Cisco stuff from a cost perspective," said the Northeast solution provider executive.

Cisco Trails HP, Microsoft In Private Cloud

Cisco sits at the No. 3 spot in the private cloud market, lagging behind HP by 5 percentage points.

Partners said Cisco's Intercloud strategy of hybrid clouds isn't resonating quite yet with customers in 2015 as much as they anticipated, which could be impacting its private cloud sales.

"[Cisco's] really pushing hybrid IT, instead of solely private cloud," said the Northeast solution provider. "HP had the Moonshot program that went out that had very dense servers for scalability, which might have taken some [share] from Cisco here."

The networking giant in April did unveil a new OpenStack Private Cloud Bundle and new financing option aimed at enabling channel partners to sell its OpenStack Private Cloud offering, which it gained in September through its acquisition of Metacloud.

Total Cloud Market

HP’s growth over the past four quarters has slightly outpaced Cisco's, allowing it to close the gap on its biggest competitor, according to Duke.

The rival companies are racing side by side for the total cloud infrastructure equipment race -- both hovering at 13 percent, followed by Microsoft at 8 percent.

"The fundamental reason for HP's and Cisco's current leading share position really comes down to where each vendor started from, in that their starting point has led and defined their path to where they are today," said Duke. "For the future, … this is where things are going to get very interesting."

Who's Going To Win?

"If you look at it from the network and the converged infrastructure, I do think Cisco definitely has a leg up," said the Northeast solution provider executive. "HP to me, it's not that they don't have the solutions out there, I just don't see the sales and marketing as orchestrated quite as well as Cisco. I would hedge my bet on Cisco over HP."

Duke says whichever advances the development of its computational, networking platforms and creates software that fully optimizes the infrastructure will win the market. Advances must come in the form of management and orchestration of networking and storage platforms such as OpenStack. Additionally, advances in enterprise collaboration platforms and automation are needed, says Duke.

"I think the public cloud ranking is the only one that is real, since I know of very few true private clouds in the world," said the SP500 executive. "So I would go with Cisco."

Other Key Players

Several other vendors have seen year-on-year cloud revenue growth rates in excess of 20 percent, says Duke, while original design manufacturers (ODMs) are also benefitting from hyperscale cloud providers' outsourcing the supply of their own designed hardware.

For total cloud infrastructure, Microsoft was in third place at 8 percent, followed by Dell, IBM, and EMC, which are all in the 4 percent to 7 percent market share range. VMware and Lenovo both have 3 percent or less market share. Microsoft and VMware are key players in the total cloud ranking because of their positions in server operating system and virtualization applications, while IBM maintains a strong presence across a range of cloud markets.

Mon, 22 Jun 2015 02:30:00 -0500 text/html
Cisco Leads $1.4B SD-WAN Infrastructure Market: IDC

Cisco’s two SD-WAN solutions, one of which is powered by Viptela, is helping the tech giant take a big chunk of market share in the increasingly crowded SD-WAN market.


Cisco Systems came out ahead of the pack in the $1.4 billion SD-WAN infrastructure market last year, according to market research firm IDC.

The latest IDC market share report ranks Cisco in first place for 2018 market share worldwide for SD-WAN Infrastructure, which was up 64.0 percent last year. Cisco, according to the report, captured 46.4 percent of the total SD-WAN market last year or $637.7 million, an increase of 55.4 percent year-over-year.

Trailing Cisco was the "rest of market" segment, which included a mix of emerging SD-WAN players such as CloudGenix, Fortinet, and Versa Networks. The “rest of market” segment captured 20.8 percent of the SD-WAN market in 2018 or $285.9 million, up 86.1 percent year-over-year.

[Related: 6 Hot SD-WAN Technologies To Follow In 2019]

Rohit Mehra, vice president of network infrastructure for IDC and one of the report's authors, told CRN that Cisco's significant share in the SD-WAN space is thanks to its extensive routing portfolio it uses in SD-WAN deployments. Cisco is also bringing two SD-WAN solutions to the table: its flagship SD-WAN platform powered by technology it acquired from Viptela in August 2017 and a Meraki SD-WAN offering.

"Additionally, [Cisco] is able to leverage their large installed base of enterprise routers sold through VARs and telcos, all of which can now be upgraded with Viptela SD-WAN functionality," Mehra said.

Katalyst, a Charlotte, N.C.-based solution provider that is reselling Cisco SD-WAN, is also offering a white-labeled, managed SD-WAN services based on Cisco's offering. Katalyst made the choice to "go big" with Cisco in the SD-WAN space because of the tech giant's footprint in the market, and because security is about 40 percent of Katalyst's business today, said Jesse White, field CTO for the solution provider.

A Cisco Gold and Master security partner, Katalyst has been able to bundle SD-WAN and security into a managed service for its customers, White said.

"Cisco made some early integrations with cybersecurity with are included in SD-WAN," he said. "We've found harmony with our customers is in taking away devices -- so simplifying the IT environment and providing customers with a box that can do Layer 7 firewalling as well as all the SD-WAN benefits."

Cisco in June integrated its Viptela-powered SD-WAN offering with Cisco Umbrella, the company's cloud-based secure internet gateway. The combination is letting partners and end customers secure their SD-WAN from the cloud.

IDC this year predicted that the SD-WAN infrastructure market will grow to $4.5 billion by 2022. The combination of SD-WAN and security managed services, specifically, is a "massive" opportunity for the channel, according to Cisco's Senior Vice President and General Manager of enterprise networking Scott Harrell.

"It's not only a market where partners are distributing the classical WAN market, but they also have an opportunity to play for the security spend as well," Harrell said.

The Viptela acquisition, Katalyst's White said, has also been key in helping to boost Cisco's presence in the SD-WAN market.

"Viptela was by far one of Cisco's more strategic acquisitions," he said. "It has served them very well."

Cisco's Viptella-powered solution has helped differentiate its SD-WAN solution in the crowded market, said Wanda Castelvecchi, national practice manager for ePlus, a Cisco Gold Certified Partner that is offering both Cisco's Viptela SD-WAN solution as well as the Cisco Meraki offering, in addition to SD-WAN products from other providers.

"Viptela had been making a little headway on its own -- we had customers that were already customers of Viptela before the acquisition -- which I definitely think helped [Cisco] stand out and even add some simplicity to their previous iteration of SD-WAN," Castelvecchi said.

Market research firm Gartner in its 2018 Magic Quadrant for WAN Edge Infrastructure also named Cisco in its "Leader" quadrant, alongside fellow leaders VMware and Silver Peak.

IDC's 2018 SD-WAN infrastructure market share report listed VMware as capturing 8.8 percent of the market or $121.2 million, a 39.9 percent increase year-over-year that was in part driven by its SD-WAN service powered by VeloCloud, which the Palo Alto, Calif.-based provider acquired in December 2017.

Silver Peak followed at 7.4 percent or $101.1 million, a 93 percent year-over-year increase. Aside from the “rest of the market” segment, VMware and Silver Peak were the two closest vendors to Cisco.

Tue, 24 Sep 2019 03:38:00 -0500 text/html
Cyberespionage and cybersabotage in two hybrid wars. CISA advances defensive tactics. The SEC's disclosure rules take effect.

At a glance.

  • Predatory Sparrow and Iran's gas stations.
  • Iran's Seedworm and its telco targets.
  • Kyivstar's recovery from cyberattack.
  • Ukrainian reprisals for Russia's Kyivstar attack.
  • CitrixBleed exploit at Xfinity.
  • Remote encryption of ransomware.
  • Web-injection malware attacks on banks.
  • Agent Tesla is spreading through an old vulnerability.
  • Cyberattack on Insomniac Games.
  • AI-generated email attacks.
  • Malware increasingly uses public infrastructure.
  • QR code scams.

Predatory Sparrow and Iran's gas stations.

On Monday of this week, according to the AP, about seventy percent of Iran's gasoline stations went out of operation due to what Iranian media at first described as a "software problem." Reuters subsequently reported that Iran's Oil Minister Javad Owji attributed the outages to a cyberattack. Iranian media attributed the attack to Predatory Sparrow, a group Iran attributes to Israel (and about which Israel had no comment). Like the CyberAv3ngers, Predatory Sparrow has a history in the region. The disruptions appear to have affected gas station point-of-sale systems, the Times of Israel reports. Predatory Sparrow claims to have accessed "the payment systems of the impacted gas stations, as well as each station’s central server and management system." For more on cyber operations connected with the Hamas-Israel war, see CyberWire Pro.

Iran's Seedworm and its telco targets.

Researchers at Symantec (part of Broadcom) warn that the Iranian cyberespionage group Seedworm (also known as “MuddyWater”) is targeting telecommunications organizations in Egypt, Sudan, and Tanzania: “Seedworm has long had an interest in telecommunications organizations, as do many groups engaged in cyberespionage activities. However, its strong focus on African organizations in this campaign is notable as, while it has been known to target organizations in Africa in the past, it does generally primarily focus on organizations in countries in the Middle East. That one of the victim organizations in this campaign is based in Egypt is also of note given Egypt’s proximity to Israel, a frequent target of Seedworm.”

Kyivstar's recovery from cyberattack.

The Kyiv Post reports that Kyivstar has fully restored its services, quoting the telco as saying, “The company’s specialists worked non-stop to swiftly restore subscribers’ ability to use all communication services throughout Ukraine and abroad after the largest hacker attack in the history of the global telecommunications market.” An analysis by the Atlantic Council considers the possibility that the attack on Kyivstar--a rare, large-scale success in the cyber phase of the hybrid war, and the most consequential Russian cyberattack since the takedown of Viasat ground stations in the hours after the invasion--may foreshadow an intensification of Russian efforts. Ukrainian defenses have proven formidable, but it would be unwise to conclude that Russian offensive capabilities might not respond by evolving into more effective forms.

Ukrainian reprisals for Russia's Kyivstar attack.

Ukrainian hacktivist auxiliaries claimed two reprisals for Russia's disruption of the Kyivstar telephone and Internet service.

The BLACKJACK group claimed, RBC-Ukraine reports, to have breached Russia's Rosvodokanal privately-owned water utility. RBC-Ukraine says the cyberattack was conducted with the support of Ukraine's SSU. The attack hit the utility's IT systems rather than its control systems, but BLACKJACK claims it disrupted operations nonetheless, specifically by accessing a large number of "documents," encrypting data on more than sx-thousand computers, and deleting more than fifty terabytes of data "including internal document circulation, corporate mail, cybersecurity services, backups, etc."

Another cyberattack, according to Ukrainska Pravda, sought to inflict damage on Bitrix24, an IT service provider whose customer relations management (CRM) systems are used by many large Russian companies. The effects of the attack may extend beyond Russia proper to the Commonwealth of Independent States. The disruption of CRM services seems to be particularly serious, at least in the hacktivist auxiliary's reckoning. The IT Army of Ukraine claimed credit for the attack in a Telegram post claiming credit for the attack.

The CyberWire's continuing coverage of Russia's war against Ukraine, with special attention to the cyber phases of that war, may be found here.

CitrixBleed exploit at Xfinity.

In a media release issued Monday afternoon, Comcast's Xfinity unit issued a "Notice To Customers of Data Security Incident." In a notification filed with the Maine Attorney General Comcast put the number of affected individuals at 35,879,455. The compromised data for those customers who are affected include usernames and hashed passwords. Some of those customers may also have suffered exposure of names, contact information, the last four digits of Social Security Numbers, dates of birth, "secret questions" and the answers thereto. The notifications advise the recipients to to reset their passwords and enable multifactor authentication.

Comcast hasn't received a ransom demand, nor has it seen any evidence of stolen data being exploited. “We are not aware of any customer data being leaked anywhere, nor of any attacks on our customers,” a company spokesman told TechCrunch. Comcast continues to investigate, and is working with appropriate law enforcement agencies. Neil Begley, Senior Vice President for Moody’s Investors Service, has offered an assessment of Comcast's breach. “Comcast’s announced cybersecurity breach is credit negative. Though cyber incidents have become more common, there remains risk as it could adversely impact customer behavior, cause churn to spike, and/or attract the scrutiny of the FCC and other regulators. Cyber incidents in the telecoms industry have been rising, raising questions about the industry’s cyber risk governance and defenses, as well as the overall exposure profile.”

CitrixBleed is a software supply chain vulnerability, now patched, that has been exploited in attacks against Boeing, the Industrial and Commercial Bank of China, Toyota, and other targets. For more on the Comcast incident, see CyberWire Pro.

Remote encryption of ransomware.

Researchers at Sophos warn that several high-profile ransomware groups, including Akira, ALPHV/BlackCat, LockBit, Royal, and Black Basta, are utilizing remote encryption in their attacks: “In remote encryption attacks, also known as remote ransomware, adversaries leverage a compromised and often underprotected endpoint to encrypt data on other devices connected to the same network.”

Web-injection malware attacks on banks.

Researchers at IBM earlier this year discovered a malware campaign that’s using JavaScript web injections to target banking applications: “Since the beginning of 2023, we have seen over 50,000 infected user sessions where these injections were used by attackers, indicating the scale of threat activity, across more than 40 banks that were affected by this malware campaign across North America, South America, Europe, and Japan.”

Agent Tesla is spreading through an old vulnerability.

Zscaler warns that threat actors are exploiting CVE-2017-11882, a dated remote code execution flaw affecting the Equation Editor of Microsoft Office, to deliver the Agent Tesla keylogger. The attackers are distributing malicious documents via phishing emails: “To make these spam emails seem legitimate, threat actors use words like ‘invoices’ and ‘order’ in the emails. This strategy lends authenticity to fraudulent emails and encourages users to download attachments. Once a user downloads a malicious attachment and opens it, if their version of Microsoft Excel is vulnerable, the Excel file initiates communication with a malicious destination and proceeds to download additional files without requiring any further user interaction.”

Cyberattack on Insomniac Games.

Sony developer Insomniac Games sustained a massive data breach after it refused to pay a $2 million ransom to the Rhysida ransomware group, the Verge reports. The hackers published 1.67 terabytes of stolen data, including information and gameplay from the company’s upcoming Wolverine game, as well as data from several unannounced games. The leak also includes a great deal of personal information from thousands of current and former Insomniac employees. Jonathan Weissman, a principal lecturer at Rochester Institute of Technology’s Department of Cybersecurity, told Polygon, “We’re talking about non-disclosure agreements with major companies and studios, internal developer Slack communications, internal HR documents, scanned employee passports, and more.” For more on the cyberattack, including comments from industry experts, see CyberWire Pro.

AI-generated email attacks.

Abnormal Security describes several AI-generated phishing emails, noting that “[b]ecause these emails are often sent from a legitimate email service provider, are text-based, and rely on social engineering to compel the recipient to take action, it is challenging for traditional email security solutions to detect them as attacks.” In the attacks observed by Abnormal, scammers impersonated Netflix, an insurance company, and Australian cosmetics company LYCON.

Malware increasingly uses public infrastructure.

Researchers at ReversingLabs warn that two malware campaigns are using previously unobserved techniques to abuse GitHub. The first used GitHub Gists to host second-stage malware payloads: “In this incident, several PyPI packages presented themselves as libraries for handling network proxying, and contained a Base64 encoded string, allegedly related to telemetry data, but actually containing a URL pointing to a secret Gist.” A second malware campaign, probably launched by the same threat actor, used git commit messages to issue malware commands.

QR code scams.

Netcraft describes a recent phishing attack that used a phony multifactor authentication notification in an attempt to trick recipients into scanning a QR code. The notification purported to come from Microsoft, and the QR code led to a credential-harvesting site: “It’s worth noting that the criminal’s deception includes a reference to 2FA (two-factor authentication). Setting up 2FA is associated with improving online security, and a task that is commonly legitimately completed using QR codes. The QR code directs the user to a phishing site that tricks the victim into entering their Microsoft login and password.”

Patch news.

CISA issued nine Industrial Control System Advisories:

On Tuesday Apple patched Safari, iOS, iPadOS, and macOS Sonoma.

On Wednesday Google issued an emergency patch for a Chrome vulnerability undergoing active exploitation in the wild.

Mozilla released security upgrades for Firefox and Thunderbird this week.

ESET fixed a vulnerability in its SSL/TLS protocol scanning feature. The company lists the affected products as:

  • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate
  • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows
  • ESET Endpoint Antivirus for Linux 10.0 and above
  • ESET Server Security for Windows Server (File Security for Microsoft Windows Server), ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server, ESET File Security for Microsoft Azure
  • ESET Server Security for Linux 10.1 and above

Crime and punishment.

The rumored takedown of a leaksite maintained by the ALPHV/BlackCat ransomware operation was confirmed. The US Department of Justice this morning announced that it had indeed taken part in an international action against the ransomware-as-a-service gang. The FBI has developed a decryption tool that it's already provided to more than five-hundred victims of the gang, and the Department of Justice encourages other victims to come forward for assistance. For more on the takedown, see CyberWire Pro.

The Cyber Express reports that ALPHV and LockBit announced late this week their intention to form a ransomware cartel. It's a gesture toward honor among thieves, and a gesture toward some prospect of continued criminal survival. “The FBI doesn’t catch us alone; it joins forces with all the special services in the world; we have to do the same,” LockBit said, and its former criminal rivals in ALPHV responded, “LockBit’s right, we should all join a cartel or they’ll hunt us down one by one.” Whether numbers will bring strength or simply present a larger, more consolidated target to law enforcement is unclear.

The case of Qakbot shows how ephemeral law enforcement takedowns of infrastructure can be. The Register, citing multiple sources, reports that Qakbot has returned three months after it sustained Operation Duck Hunt, albeit with a lower volume of mischief than it showed during its good days. Operation Duck Hunt was an FBI-led action similar in scope to the ALPHV/BlackCat takedown.

Courts and torts.

The US Securities and Exchange Commission's (SEC) disclosure rules went into effect Monday. on December 18. Companies can apply for delays to the FBI, and the Bureau has released guidelines outlining the delay request procedures and determination process. There has been much debate over the issue of determining the materiality of a cyberincident, and the FBI’s guidelines state in order to avoid immediate denial, any delay request must be submitted concurrently with a materiality determination.  

The Record notes that industry response to the reporting rules has been less than positive, and Republican lawmakers have proposed legislation to reverse them altogether. One argument is that disclosure could put organizations in harm’s way. But as one senior official at the Cybersecurity and Infrastructure Security Agency (CISA) explains, many experts feel the benefits outweigh the potential dangers. “We know that there is ubiquitous underreporting of cybersecurity incidents, and that diminishes our ability to help victims, our ability to provide effective guidance, our ability to understand adversary trends and drive broader risk reduction at scale,” the CISA official stated. 

Policies, procurements, and agency equities.

The International Committee of the Red Cross (ICRC) has called upon states to take two measures that would bring cyber warfare into line with international norms of arms conflict. First, it asked that states observe proper discrimination in their cyber operations, and avoid hitting protected targets, and civilian targets generally. The prohibited targets specifically named are hospitals, power grids, and "data collected by humanitarian organizations and used exclusively for humanitarian ends." Second, it asked that governments control and restrain the participation of civilians--"individuals, hacker groups, and companies"--in cyber warfare. Such participation, the ICRC fears, will blur the vital distinction between combatants and noncombatants, and expose prohibited targets to greater risk of attack.

Acting in accordance with NCSC recommendations, Britain's National Grid has begun pulling components supplied by Chinese-controlled Nari Technology from its electrical power transmission network, the Financial Times reports. The removal of Nari products is motivated by concerns over the cybersecurity risk Chinese-manufactured components carry.

Twenty-one members of the US House of Representatives have submitted a letter to President Joe Biden claiming that the EU’s Digital Markets Act (DMA) unfairly targets US firms over Chinese and European companies. As Reuters explains, the DMA designates American Big Tech firms Alphabet, Amazon, Apple, Meta, and Microsoft as "gatekeeper" service providers. As of March 2024, these companies will be mandated to make their messaging apps compatible with their competition and allow users to have the final say on which apps will come pre-installed on their devices. In the letter, the bipartisan group of lawmakers say that the new law will negatively impact the US economy and customer security, and they’re urging Biden to make the EU pledge the rules will be fairly implemented. 

Fortunes of commerce.

Colorado-based apparel company VF Corporation (owner of Vans, North Face, and other major brands) reported a material cyberattack to the SEC on the first day the rules went into effect, the Record reports. VF stated, "The threat actor disrupted the Company’s business operations by encrypting some IT systems, and stole data from the Company, including personal data. The Company is working to bring the impacted portions of its IT systems back online and implement workarounds for certain offline operations with the aim of reducing disruption to its ability to serve its retail and brand e-commerce consumers and wholesale customers."

Mergers and acquisitions.

Identity and access management provider Okta is acquiring Israeli identity security posture management platform provider Spera for approximately $100 million, Calcalist reports.

Accenture has acquired UK-headquartered data consultancy Redkite.

London-based identity and access management firm Xalient has acquired digital identity advisory and managed services provider Grabowsky.

Reuters reports that Airbus is in talks to buy Atos's cybersecurity business BDS. Airbus and Atos declined to comment.

Investments and exits.

Boston-based cyber range provider SimSpace has secured $45 million in an equity raise led by L2 Point Management.

Anti-ransomware endpoint protection firm Halcyon has raised $40 million in a Series B round led by Bain Capital Ventures.

Origin AI, a Maryland-based startup that uses WiFi signals for motion sensing, has raised $15.9 million in a Series B extension led by Verisure, with participation from Okinawa Electric Power Company, Verizon Ventures, and INSPiRE.

Maryland-headquartered Turngate, a company that "offer[s] IT and cybersecurity professionals unprecedented insights into user activity," has secured $5 million in a seed funding round led by Paladin Capital Group.

And security innovation.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert urging technology manufacturers to eliminate default passwords in their products. The agency recommends the following alternatives to default passwords:

  • “Provide instance-unique setup passwords with the product;
  • “Provide time-limited setup passwords that disable themselves when a setup process is complete and require activation of more secure authentication approaches, such as phishing-resistant MFA;
  • “Require physical access for initial setup and the specification of instance-unique credentials.”

CISA has also published a detailed Cybersecurity Advisory outlining the results of a risk and vulnerability assessment the agency conducted for a healthcare and public health organization in January 2023. CISA says, “As part of the RVA, the CISA assessment team conducted web application, phishing, penetration, database, and wireless assessments. The assessed organization was a large organization deploying on-premises software.”

And CISA has updated its approach to information sharing through its Automated Indicator Sharing (AIS) program. In 2024 the agency will focus on "simplification," "partner-centered design," and “learning from experience."

Fri, 22 Dec 2023 15:14:00 -0600 text/html
Hydrogen Test Infrastructure

H2-Container Technical Center

The site is building a modular and flexible test environment for hydrogen technologies. Together with partners from industry and research, the entire hydrogen value chain is to be examined and improved. The aim is to accelerate the technology transfer from hydrogen research to hydrogen applications.

Thu, 23 Nov 2023 22:02:00 -0600 en text/html
An old vulnerability under active exploitation; updates on ongoing incidents.

Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.

Ukraine at D+665: Reprisals for the Kyivstar hack. (CyberWire) Ukrainian hacktivist auxiliaries undertake reprisals for the Kyivstar hack, and Russian disinformation tacks toward a narrative of the Russian World as it takes advantage of technological advances.

Hamas insists on end to Israel’s offensive in Gaza before hostage talks can begin (the Guardian) UN security council resolution calling for ceasefire and more aid deliveries delayed again at the request of the US

Russia-Ukraine war: List of key events, day 666 (Al Jzeera) As the war enters its 666th day, these are the main developments.

Russia shells 6 communities in Sumy Oblast (The Kyiv Independent) Russian forces attacked six communities along the Sumy Oblast border on Dec. 20, firing 14 times over the course of the day, the Sumy Oblast military administration reported.

Captured Russian weapons, an ammo crisis and a new NATO ally: 5 stories from Europe in 2023 (Breaking Defense) Alliance expansion might force Russia to reassess a strategic calculus around a war beyond Ukraine’s borders, but tough questions around just how long Kyiv can defend itself are beginning to be asked.

While Washington Dickers, Tiny Bulgaria Races To Supply Ukraine With Bullets, Tank Shells, and Armor (The New York Sun) Russia’s neighbors — from Norway and Finland to Romania and Bulgaria — see helping Ukraine as an existential necessity for the defense of eastern and…

Expert Opinion: To Win in Ukraine, We Must Prove Putin Wrong (The Cipher Brief) Cipher Brief expert and former Chief of CIA's Central Eurasia Division Rob Dannenberg shares his insights on how to win in Ukraine

Putin’s dead end | The Strategist (The Strategist) In his annual press conference, Russian President Vladimir Putin made it clear that he will be ready for a peace settlement with Ukraine only after he has achieved his goals, which haven’t changed since he ...

Orban Isn’t the EU’s Trump (World Politics Review) The EU’s struggle to manage rogue member states is a chronic but manageable condition. The US’ Trump problem is much more acute.

European Allies’ Views of Russia’s Nuclear Policy after the Escalation of Its War in Ukraine (Real Clear Defense) Russia’s nuclear threats have not gone unnoticed among citizens of European nations, including in those countries that reportedly host U.S. battlefield (also sometimes called tactical or short-range) nuclear weapons (Belgium, Germany, Italy, the Netherlands and Turkey[1]).

Ukraine’s Front-Line Troops Are Getting Older: ‘Physically, I Can’t Handle This’ (Wall Street Journal) Corruption and fear are hindering effort to rebuild army

Ukrainian hackers breach Rosvodokanal, seize data of Russia's largest private water utility (RBC-Ukraine) Ukrainian hackers, reportedly with support from the Security Service (SSU), sought revenge for the recent cyberattack on Kyivstar and destroyed the IT infrastructure of the Russian major private water-supply company Rosvodokanal, according to RBC-Ukraine's own sources.

Ukrainian hackers report successful attack on Russian Bitrix service (Ukrainska Pravda) Hackers from the IT Army of Ukraine have announced that they have carried out a successful attack on the servers of Bitrix24, a service used by major Russian companies such as Rosneft.

Uninterrupted communications for critical infrastructure: Ukraine gets 5,000 more Starlinks from Poland (Ministry of Digital Transformation of Ukraine) The Polish government has handed over another 5,000 Starlinks to Ukraine. The terminals are being transferred to critical infrastructure facilities and frontline areas to ensure uninterrupted communications.

How pro-Russian 'yacht' propaganda influenced US debate over Ukraine aid (BBC) A false rumour spread by a dubious AI-powered website caught the attention of leading politicians.

The legal case for seizing Russia’s assets (Financial Times) G7 allies are debating whether to spend Moscow’s frozen funds to support Ukraine

Germany moves to seize €720mn of Russian group’s assets (Financial Times) Bid to take cash from financial institution comes as west explores ways to seize assets of Russia’s central bank

U.S. Makes a New Attempt to Stifle Russian Oil Trade (Wall Street Journal) Treasury Department imposes blocking sanctions on three trading firms that have emerged as important players in the Russian petroleum market

Russia Jails Men for Funding Far-Right Ukraine Group (The Moscow Times) Russia on Thursday handed long jail sentences to a Ukrainian man and another individual for financing an ultranationalist group in Ukraine by selling illegal drugs.

Attacks, Threats, and Vulnerabilities

Web injections are back on the rise: 40+ banks affected by new malware campaign (Security Intelligence) DanaBot is a sophisticated banking trojan targeting financial institutions and their customers. Now, a new global campaign has put more users at risk.

This JavaScript code hit 50K online banking sessions in 2023 (Register) Why keeping your PC secure and free of malware remains paramount

Crypto scammers abuse Twitter ‘feature’ to impersonate high-profile accounts (BleepingComputer) Cryptocurrency scammers are abusing a legitimate Twitter "feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs.

Threat Actors Exploit CVE-2017-11882 To Deliver Agent Tesla (Zscaler) Understand how threat actors exploit CVE-2017-11882 to deliver Agent Tesla for data exfiltration

Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware (Dark Reading) Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla, via socially engineered emails and an evasive infection method.

Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware (Cisco Talos Blog) Talos revealed that rebooting an iOS or Android device may not remove the Predator spyware produced by Intellexa. Intellexa knows if their customers intend to perform surveillance operations on foreign soil.

Cybercriminals target UAE residents, visitors in new info-stealing campaign (Record) A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research.

Cybercrims target hotel staff for management credentials (Register) Research highlights how major attacks like those exploiting are executed

The Naughty List: scammers exploit Christmas Eve rush with fake deliveries (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has detected a sharp increase in the number of fake delivery websites just weeks before Christmas.

Seasonal-themed scams hit user inboxes in the run-up to Christmas, Bitdefender Antispam Lab warns (Hot for Security) During the winter holidays, online scams and unsolicited emails increase considerably and malicious spammers, as usual, begin celebrating early.

Microsoft Alert: COLDRIVER Credential Theft Rising Again (TuxCare) Stay informed on the surge in COLDRIVER credential theft. Microsoft's alert reveals the latest tactics. Safeguard your data now!

Hacker Sells Access to Customer Data from Brazil ISPs (SafetyDetectives) A hacker is selling information allegedly stolen from Brazil-based internet service providers (ISPs) The SafetyDetectives cybersecurity team found a forum post

Nearly 3 million affected by ransomware attack on medical software firm (Record) Austin-based ESO Solutions said a ransomware attack allowed hackers to access patient health information.

Indian tech giant HCL investigating ransomware attack (Record) In a regulatory filing, HCL Technologies said it “has become aware of a ransomware incident in an isolated cloud environment for one of its projects.”

Wolverine part of massive Insomniac Games leak after ransomware deadline passes (The Verge) 1.67 terabytes of data comprising over 1.3 million files.

Data Leak Exposes 1.5 Billion Real Estate Records, Including Elon Musk, Kylie Jenner (Hackread - Latest Cybersecurity News, Press Releases & Technology Today) A Campbell, New York-based real estate training platform called Real Estate Wealth Network exposed a massive treasure trove of real estate records due to cloud server misconfiguration.

COC alerts employees to third-party data breach  (Santa Clarita Valley Signal) Unauthorized data breach via the college’s insurance provider affects more than 2,400 current, former employees  College of the Canyons is communicating with more than 2,400 affected personnel after an unauthorized data breach through its insurance provider, according to Eric Harnish, a spokesman for the college.  Keenan & Associates, a Torrance-based consulting and brokerage firm which […]

Security Patches, Mitigations, and Software Updates

Apple Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency | CISA) Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information.

Mozilla Releases Security Updates for Firefox and Thunderbird | CISA (Cybersecurity and Infrastructure Security Agency CISA)

Annual Payment Fraud Intelligence Report: 2023 (Recorded Future) Throughout 2023, many indications suggested that the payment fraud underground has begun to recover from Russian law enforcement’s crackdown against domestic cybercriminals and the subsequent full-scale Russian invasion of Ukraine in 2022.

Regulators Got Tough on Cyber in 2023 as Crime Soared (Wall Street Journal) Regulators Got Tough on Cyber in 2023 as Crime Soared

7 Security Trends to Watch Heading into 2024 (Information Week) Challenges and opportunities old and new will shape another year in the cybersecurity space.

Tracking Ransomware: November 2023 (CYFIRMA) This CYFIRMA Monthly Ransomware Report thoroughly analyses ransomware activity in November 2023, covering significant attacks, the top five ransomware families, geographical distribution, targeted industries, evolution of attacks, vulnerabilities exploited by ransomware groups, and trends


Proofpoint closes acquisition of Tessian (iTWire) Cybersecurity and compliance company Proofpoint has completed the acquisition of AI-based Cloud Email Security provider Tessian. Proofpoint says combining its industry-leading threat and data loss protection technology and intelligence with Tessan's AI-powered behavioral and dynamic detection wi...

Anthropic to Raise $750 Million in Menlo Ventures-Led Deal (The Information) Anthropic is in talks to raise $750 million in a venture round led by Menlo Ventures that values the two-year-old artificial intelligence startup at $15 billion not including the investment, more than three times its valuation this spring, according to two people with direct knowledge of the ...

BlackBerry posts surprise quarterly profit on resilient cybersecurity demand (Moneycontrol) BlackBerry (BB.TO) reports unexpected quarterly profit, driven by robust demand for cybersecurity services amid escalating online threats; stable spending despite overall IT downturn.

Cybersecurity Leader Ranell Gonzales Joins Cybrella as Vice President of Global Sales and Alliances (PR Newswire) Cybrella, a prominent player in the cybersecurity advisory space, is thrilled to welcome Ranell Gonzales as the new Vice President of Global...

Products, Services, and Solutions

Independent Technical Evaluation from Technology Advancement Center Finds Darktrace Federal Cyber AI Mission Defense Provides Comprehensive Visibility and Detection for IT and OT Environments (PR Newswire) Darktrace Federal announced that the Technology Advancement Center (TAC) completed an independent technical evaluation of the Darktrace Federal...

Saviynt Recognized as a 2023 Gartner® Peer Insights™ Customers’ Choice for IGA (Saviynt) Converged identity security company is recognized as a Customers’ Choice for 3 years in a row

Saviynt helps Danfoss cut the time to onboard new employees by 83 percent (Saviynt) Saviynt Enterprise Identity Cloud enables engineering and manufacturing company to manage and secure 45,000 digital identities across 100 countries

The Limitations of Google Play Integrity API (ex SafetyNet) (Approov) Explore the history, uses, and limitations of the Google Play Integrity API (formerly SafetyNet); compare and contrast it with Approov's mobile security.

Stellar Cyber integrates with SentinelOne for enhanced cybersecurity across environments (Help Net Security) Stellar Cyber and SentinelOne integration boosts cybersecurity across on-premises, cloud, hybrid, and IT/OT environments.

Microsoft teams up with Silobreaker to enhance cybersecurity with MDTI intelligence (MSPoweruser) Microsoft and Silobreaker announced an integration between Microsoft Defender Threat Intelligence (MDTI) and Silobreaker's 360 Search platform. 

Technologies, Techniques, and Standards

The Disturbing Impact of the Cyberattack at the British Library (The New Yorker) The library has been incapacitated since October, and the effects have spread beyond researchers and book lovers.

The cult of tech could push us into a new Dark Age (The Telegraph) It is senseless to destroy historical documents and assume digital versions will survive the centuries

CISA seeking comments on its ‘secure by design’ guidance (FedScoop) The agency’s request for information on its software security white paper “acknowledges that security by design is not easy,” and that additional comments from manufacturers and other interested parties are needed.

What's the Best Way to Communicate After a Data Breach? (Dark Reading) So you've had a data breach, and now you need to take the next step. Here's a guide for communicators dealing with security incidents from Ashley Sawatsky of Rootly.

Research and Development

The FTC Voice Cloning Challenge (US Federal Trade Commission) Voice cloning technology is becoming increasing sophisticated due to improving text-to-speech AI.

GPT and other AI models can't analyze an SEC filing, researchers find (CNBC) The findings from Patronus AI highlight some of the challenges of using AI models within big companies in regulated industries like finance.

Legislation, Policy, and Regulation

Biden administration takes first step toward writing key AI standards (Reuters) The Biden administration said on Tuesday it was taking the first step toward writing key standards and guidance for the safe deployment of generative artificial intelligence and how to test and safeguard systems.

How Congress can rein in data brokers (CyberScoop) Know your customer rules are a first step to address the risks of sensitive data — including on U.S. military servicemembers — sold online.

U.S. Regulators Propose New Online Privacy Safeguards for Children (New York Times) The F.T.C. called for sweeping changes that could curb how social media, game and learning apps use and monetize youngsters’ data.

FTC Proposes Curbing Targeted Advertising to Children Online (Wall Street Journal) Agency seeks to bolster 1998 law by requiring targeted ads for children to be turned off by default

FTC proposes tougher children’s data privacy rules for first time in a decade (Record) The agency is proposing new restrictions on the use and disclosure of children’s personal data and wants to make it much harder for companies to exclude children from their services if they can’t monetize their data.

The Obscure Google Deal That Defines America’s Broken Privacy Protections (WIRED) Google’s doomed social network Buzz led US regulators to force Google and Meta to monitor their own data use. Insiders say the results were mixed, as pressure mounts for a federal privacy law.

Litigation, Investigation, and Law Enforcement

Julian Assange's 'Final' Appeal Against US Extradition to be Held in February (Voice of America) Assange is wanted by the U.S. on 18 counts relating to WikiLeaks' release of confidential U.S. military records

ALPHV's Downfall? The 2023 Crackdown on BlackCat Ransomware (Flashpoint) Exploring the impact of ALPHV's ransomware blog takedown by law enforcement and its impact on the greater cyber threat landscape

ALPHV Ransomware Site Outage: What We Know So Far (ReliaQuest) The ALPHV ransomware data-leak site has been offline for 30 hours, raising speculation of disruption by law enforcement activity. Here's what we know so far.

How hard has the BlackCat ransomware group been hit by the FBI? (Tech Wire Asia) The BlackCat ransomware group has been around since November 2021 targeting organizations globally. Has the FBI just hit it hard?

German police take down Kingdom Market, a darknet emporium of illicit goods (Record) German police said they posted a takedown notice on the website and are now analyzing Kingdom Market's server infrastructure to identify the people behind the website's operation.

AI cannot be patent 'inventor', UK Supreme Court rules in landmark case (Reuters) A U.S. computer scientist on Wednesday lost his bid to register patents over inventions created by his artificial intelligence system in a landmark case in Britain about whether AI can own patent rights.

Judge Gives Prosecutors Access to G.O.P. Lawmaker’s Messages in Jan. 6 Case (New York Times) The roughly 1,700 messages are from the cellphone of Representative Scott Perry, who was involved in discussions with Trump administration officials about overturning the election.

Rite Aid Banned From Using AI Facial Recognition in FTC Settlement (Wall Street Journal) The company said it ‘fundamentally’ disagrees with the allegations

The couch surfing predator: how a group of women were drugged and assaulted – then fought back (the Guardian) Dino Maglio, a former Italian police officer, opened up his home to young women travellers, many of whom suffered at his hands. As scattered as they were, legal action seemed impossible. But as their numbers grew, so too did their determination ...

Brazil’s First Lady Clashes With Elon Musk Over Hacked X Account (Bloomberg) Janja has threatened to sue over slow response to breach. Musk says his platform bears no responsibility for hacking.

Thu, 21 Dec 2023 03:21:00 -0600 text/html
Navigating the World of IT Certifications: The Role of Practice Tests and the Pitfalls of Exam Dumps with Microsoft, Cisco, and CompTIA


In today's fast-paced and highly competitive IT industry, certifications have become essential for IT professionals to demonstrate their expertise and stay competitive in the job market. Among the leading certification providers, Microsoft, Examsnap, and CompTIA offer a wide range of certifications covering various IT domains. As professionals strive to earn these coveted certifications, they often turn to practice tests to aid in their preparation. However, the allure of exam dumps, a shortcut fraught with ethical and professional risks, presents a constant temptation. This article explores the importance of practice tests in achieving Microsoft, Cisco, and CompTIA certifications and sheds light on the dangers associated with exam dumps.

  1. The Significance of IT Certifications

IT certifications are widely recognized as valuable credentials that validate an individual's skills and knowledge in specific IT domains. Microsoft, Cisco, and CompTIA are prominent players in the certification landscape, offering a diverse array of certifications:

  • Microsoft certifications, such as Microsoft Certified: Azure Administrator Associate and Microsoft Certified: Azure Solutions Architect Expert, validate expertise in Microsoft technologies and cloud services.
  • Cisco certifications, including Cisco Certified Network Associate (CCNA) and Cisco Certified Network Professional (CCNP), are revered for their emphasis on networking and infrastructure proficiency.
  • CompTIA certifications, like CompTIA A+ and CompTIA Security+, provide a solid foundation in IT fundamentals, making them suitable for those starting their IT careers.

These certifications not only open doors to better job opportunities but also equip professionals with the skills required to thrive in the ever-evolving tech landscape.

  1. The Role of Practice Tests in Certification Preparation

Earning an IT certification is a rigorous undertaking that necessitates thorough preparation. Practice tests play a crucial role in helping candidates achieve success in their certification exams, offering numerous benefits:

  1. Realistic Exam Simulation: Practice tests closely mimic the format, structure, and difficulty level of the actual certification exams. This familiarity helps candidates become comfortable with the exam environment, reducing test-day anxiety.
  2. Self-Assessment: Practice tests enable candidates to assess their current knowledge and identify areas that require improvement. This self-assessment guides their study plans, ensuring targeted and effective preparation.
  3. Confidence Building: Consistent strong performance on practice tests boosts candidates' confidence, which can significantly enhance their overall performance on the actual exam and reduce test-taking stress.
  4. Time Management Skills: Many IT certification exams impose strict time constraints. Practice tests help candidates develop efficient time management strategies, ensuring they can complete the exam within the allotted timeframe.
  5. Knowledge Reinforcement: Practice tests serve as a valuable tool for reinforcing the material learned during preparation, helping to solidify key concepts and topics.

Both Microsoft and Cisco offer official practice exams through their respective learning platforms. These practice exams are carefully designed to closely align with the content and structure of the actual certification exams, providing candidates with reliable and high-quality preparation materials.

  1. Exam Dumps: The Temptation and Risks

While practice tests are widely accepted as legitimate aids for certification preparation, the use of exam dumps represents a controversial and ethically problematic shortcut within the IT certification community. Exam dumps typically contain real exam questions and answers, often obtained through dubious means, and are subsequently shared or sold online.

  1. Ethical Concerns: The use of exam dumps is widely regarded as unethical and a violation of certification policies. It undermines the integrity of certification programs and diminishes the value of certifications earned through legitimate means.
  2. Short-Term Gains, Long-Term Consequences: Exam dumps may offer a shortcut to passing a certification exam, but they do not impart a deep understanding of the subject matter. This lack of genuine knowledge can prove detrimental in the long run when professionals encounter real-world scenarios that require practical expertise.
  3. Risk of Disqualification: Certification providers take the use of exam dumps seriously. If they discover that a candidate used exam dumps to pass their exams, they may revoke the candidate's certification and impose bans on future certification attempts, potentially damaging the candidate's career.
  4. Limited Learning: Relying on exam dumps deprives individuals of the opportunity to genuinely learn and comprehend the material, which can hinder their career growth and overall competence in their field.
  1. Microsoft, Cisco, and CompTIA Practice Tests

Let's delve into how practice tests are offered by these renowned certification providers:

  1. Microsoft Practice Tests

Microsoft offers a comprehensive suite of practice exams that closely align with their certification exams. These practice exams are accessible through the official Microsoft Learning platform and provide candidates with several advantages:

  • Realistic Simulation: Microsoft's practice exams closely replicate the format and structure of the actual certification exams, ensuring candidates are well-prepared for the exam experience.
  • Self-Assessment: Practice exams enable candidates to gauge their current knowledge and identify areas that require further study, allowing for targeted and efficient preparation.
  • Confidence Building: Success on practice exams bolsters candidates' confidence, reducing anxiety and enhancing overall performance on the real exam.
  • Time Management Skills: Microsoft's practice exams assist candidates in developing effective time management strategies to tackle the strict time constraints of certification exams.
  • Knowledge Reinforcement: Practice exams serve as a valuable tool for reinforcing key concepts and topics, ensuring candidates have a solid understanding of the material.
  1. Cisco Practice Tests

Cisco offers official practice exams through the Cisco Learning Network. These practice exams are thoughtfully designed to closely align with Cisco's certification exams and provide candidates with numerous benefits:

  • Realistic Experience: Cisco's practice exams replicate the format and structure of the actual certification exams, helping candidates become acclimated to the exam environment.
  • Self-Assessment: Candidates can use practice exams to evaluate their current knowledge and identify areas in need of improvement, guiding their study plans effectively.
  • Confidence Boost: Strong performance on practice exams boosts candidates' confidence, reducing anxiety and enhancing performance on the real exam.
  • Time Management Skills: Cisco's practice exams assist candidates in developing effective time management strategies for the stringent time constraints of certification exams.
  • Knowledge Consolidation: Practice exams serve as a valuable tool for reinforcing key concepts and topics, ensuring candidates have a strong grasp of the material.
  1. CompTIA Practice Tests

CompTIA offers official practice exams that closely align with their certification exams. These practice exams can be accessed through the CompTIA website and offer candidates the following advantages:

  • Realistic Simulation: CompTIA's practice exams closely replicate the format and structure of the actual certification exams, providing candidates with a realistic exam experience.
  • Self-Assessment: Candidates can use practice exams to evaluate their current knowledge and identify areas that require further study, allowing for targeted preparation.
  • Confidence Building: Success on practice exams bolsters candidates' confidence, reducing anxiety and enhancing performance on the real exam.
  • Time Management Skills: CompTIA's practice exams help candidates develop effective time management strategies to ensure they complete the exam within the stipulated time.
  • Knowledge Reinforcement: Practice exams reinforce key concepts and topics, ensuring candidates have a strong grasp of the material.
  1. The Ethical Pursuit of IT Certifications

The pursuit of IT certifications should always be rooted in a commitment to ethical practice, continuous learning, and professional growth. While practice tests are indispensable tools for success, the use of exam dumps should be unequivocally avoided. By following a path of dedication, hard work, and ethical practice, IT professionals can achieve their certification goals and thrive in the dynamic and ever-evolving IT industry.


IT certifications from Microsoft, Cisco, and CompTIA are highly respected credentials that validate the expertise and skills of IT professionals. Achieving these certifications is no small feat and demands diligent preparation, with practice tests serving as invaluable allies.

Practice tests offer a realistic simulation of the certification exam experience, providing candidates with self-assessment tools, confidence building, time management skills, and knowledge reinforcement. Both Microsoft and Cisco offer official practice exams, while CompTIA provides practice exams closely aligned with their certification content.

In stark contrast, exam dumps represent a tempting but ethically perilous shortcut to certification. The ethical pursuit of IT certifications not only upholds the integrity of the certification programs but also equips professionals with the knowledge and skills necessary to excel in their careers.

In conclusion, IT professionals should approach certification preparation with integrity, dedication, and a commitment to continuous learning. By leveraging practice tests and avoiding the allure of exam dumps, they can confidently embark on their journey toward IT certification success and thrive in the ever-evolving world of technology.

Related Topics

Wed, 29 Nov 2023 09:59:00 -0600 en text/html

500-701 Questions and Answers | 500-701 teaching | 500-701 student | 500-701 answers | 500-701 PDF Download | 500-701 information source | 500-701 information source | 500-701 course outline | 500-701 approach | 500-701 test |

Killexams Exam Simulator
Killexams Questions and Answers
Killexams Exams List
Search Exams
500-701 Practice Test Download
Practice Exams List