The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Implement layer 2 security
|
|
Configure using router operating system (OS) commands to mitigate layer 2 attacks Completed |
Evidence:
|
Implement identity-based networking services (IBNS) on switches to provide layer 2 security Completed |
Evidence:
|
Implement identity management using access control system (ACS) as the authentication server Completed |
Evidence:
|
Configure router OS intrusion prevention system (OS-IPS) to mitigate threats to network resources
|
|
Evaluate the advanced capabilities of router OS-IPS firewall feature set to include event action processing (EAP) for threats to network resources Completed |
Evidence:
|
Configure and verify IPS features to identify threats and dynamically block them from entering the network Completed |
Evidence:
|
Maintain, update and tune the IPS signatures Completed |
Evidence:
|
Configure and verify context-based access control (CBAC) and network address translation (NAT) to dynamically mitigate identified threats to the network Completed |
Evidence:
|
Configure and verify zone-based firewall (ZFW) to include advanced application inspections and uniform resource locator (URL) filtering for improved network security Completed |
Evidence:
|
Configure virtual private networks (VPNs) to provide secure connectivity for site-to-site and remote access communications
|
|
Analyse and evaluate internet protocol security (IPSec) and generic routing encapsulation (IPSec/GRE) features and functionality Completed |
Evidence:
|
Configure secure connectivity for site-to-site VPN using certificate authorities Completed |
Evidence:
|
Analyse dynamic multipoint VPN (DMVPN) features and capabilities Completed |
Evidence:
|
Configure and verify secure connectivity for site-to-site VPN operations Completed |
Evidence:
|
Provide highly secure network access with secure socket layer (SSL) VPN to deliver remote access connectivity features and benefits Completed |
Evidence:
|
Evaluate EasyVPN benefits and configure EasyVPN server with dynamic virtual tunnel interface (DVTI) to create a virtual access interface on the virtual tunnel interface Completed |
Evidence:
|
Configure and verify EasyVPN remote to establish a site-to-site connection using both router and VPN software clients Completed |
Evidence:
|
Implement group-encrypted transport (GET) VPN features to simplify the provisioning and management of VPN Completed |
Evidence:
|
Implement network foundation protection (NFP)
|
|
Evaluate NFP features and functionality to provide infrastructure protection Completed |
Evidence:
|
Secure the management plane, the data plane and the control plane using OS features of the router Completed |
Evidence:
|