I cannot take credit for creating these mnemonics. They are the result of various online searches and the efforts of others. Kudos to their creators. 

OSI Layer - Please Do Not Touch Steve's Pet Alligator (Physical, Data Link, Network, Transport, Session, Presentation, Application)
Data at Each Stage of OSI Layer - Don't Don't Don't Stop Pouring Free Beer (Data Data Data Segment Packet Frame Bits) OR Some People F*** Bit**es (Segments, Packets, Frames, Bits) 
TCP/IP Layer - NITA (Network, Internet, Transport, Application)
Evaluation Assurance Model - Father Son Mother My Sweet Small Family (F S M M S S F) (Functionally Tested, Structurally Tested, Methodically tested and checked, Methodically designed, tested and reviewed, Semi-formally designed and tested, Semi-formally designed, verified and tested, Formally designed, verified and tested
Asymmetric Cryptography = DEREK (Diffie-Hellman ElGamal RSA ECC Knapsack)
Symmetric Cryptography = 23BRAIDS (Twofish 3DES Blowfish RC5 AES IDEA DES SAFER)
Fire extinguisher - A = Ashes (regular fires like paper and wood) B = Boil (liquids like gasoline) C = Electri C ity D = Dent - like a metal can K = Kitchen (oil/grease)
MAC (mandatory access control) is known as the lattice model (Big Mac with Lettuce)
MD5 is a 128-bit hash because 8 minus 2 minus 1 = 5
SkipJack has 8 letters. Key size is "80 bits"
Twofish - There is a process involved here called Whitening. Mental image of literally 2 fish "whitening" each others teeth.

Blowfish - This is for key size, which can be 32 up to 448. I again think about "blowing" air into a fish, and imagining the fish getting bigger and bigger. Thus, it starts at 32 but can be "blown" up to 448 bits.
Biba - The I in biba means Integrity
Ring Computing Model: Zero KODU (0 Kernel, 1 OS, 2, Drivers, 3 Users)
Retina Scan vs Iris Scan. Retina is a longer word than Iris. Retina is longer hence more detailed hence more intrusive. Iris stays same for the life of the person. Retina are blood vessels. Iris is mostly used.
Patent = 20 years. Notice there is the word "ten" in Patent. 10 fits better into 20, than it does 70 (Copyright)
Trade Mark is 10 years.
USPTO: United States Patents and Trademark Office (Library of Congress takes care of Copyright)
(Trade Secret is protected by Economics Espionage Act)
RAID 0: Striping - 0 looks like a circle (person going in circles and leaving data everywhere (on both hard drives) 
RAID 1: Mirroring - 1 or | looks like a mirror
Risk = Threat x Vulnerability (RISK TV)

ALE = ARO x SLE
ALE (CAUSES) AROSLE (🍺 = 😍)
SLE = AV x EF 
SLEAVEF (Up my sleeve(f))
ALE = Annual Loss Expectancy
SLE = Single Loss Expectancy
ARO = Annualized Rate of Occurrence (e.g; 1 flood in 20 years, 1/20 = 0.05)
AV = Asset Value (value of asset after depreciation)
EF = Exposure Factor (% damage with single occurrence - e.g; 80% of server unusable after a breach)
NIST 800-37 (Risk Management Framework) - People Can See I Am Always Monitoring (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor)
Business Continuity Planning

1. Project Scope and Planning - Organization Review, BCP Team Selection, Resource Requirements and Legal and Regulatory Requirements
2. BIA (Business Impact Analysis) - Identifying Priorities, Risk Identification, Likelihood Assessment, Impact Assessment, Resource Prioritization (Quantitative (ALE, MTD, AV, etc) and Qualitative)
3. Continuity Planning - Strategy Development (Risk Acceptance)and Provisions and Processes 
4. Plan Approval and Implementation (Plan testing, Maintenance, Documentation, etc

C(ow)P(ig)SOW -

• Clearing Can be recovered (Deleting),
• Purging is Permanent,
• Sanitizing is Same as Purging,
• Overwriting with 0s and 1s, 
• Wiping is Writing (overwriting that is)

Domain 7
Incident Response: Think of a Drumroll aka DRMRRRL when there is an incident (Detect, Response, Mitigate, Report, Recover, Remediate, Lessons Learnt): In Mitigate, you contain, in Recover, you bring to last good known state, in Remediate, you do RCA/fix the Root Cause)
Canons of ISC - PAPA
Protect society, the common good, necessary public trust and confidence, and the infrastructure (Social Responsibility, no unethical hacking), 
Act honorably, honestly, justly, responsibly, and legally (Maintain Integrity, don't lie, etc)
Provide diligent and competent service to principals (Protect organization you are working for) , 
Advance and protect profession (Don't share exam questions, false endorsement)
CSUSAD - Information Lifecycle (Create, Save, Use, Share, Archive, Destroy)
Fagan Inspection (Code Review): Planets Orbit Perfectly In Round Formations (Planning, Overview, Preparation, Inspection, Rework, Followup)

Domain 8
Software Capability Maturity Model (IDEAL is the other model) - How mature is your capability?
(Think of mature software developers liking Oreo cookies)  I Really Don't Mind Oreos (Initiating, Repeatable (lifecycle management, proper QA), Defined (documented), Managed (is Quantitative, and Quality Mgmt), Optimized(Change Management is followed)
​Change Management Process - Red Rabbits Are Trained In Dancing (Request, Review, Accept/Reject, Testing, Implement, Document)
Change and Configuration Management - Rabbits Chasing Rabbits (Request, Change Control, Release Control)(Request - Red, Change Control - Rabbits Are Trained, Release Control - In Dancing)
5 Phases of SDLC
RDITE - Real Developers Ideas Take Effort (Requirements Analysis, Design, Implementation, Testing, Evolution)

​

​Work in Progress Below
Agile is a Framework: Scrum (most popular), Kanban and SAFe are examples are Agile Framework.
DevOps or DevSecOps can be used alongside Agile

3. Bell-Lapdula - I made a little one-liner jingle for this. I say it like this: Bell, LA PA DU LA - CON FI DEN SHI AL IT E. I've repeated this many times in my head, and in fact, I recall this from my SSCP studies 4 years ago.
4. Running key (or “book”) ciphers often use a passage from a commonly available book as the encryption key. I remember this because in IT, we use a "Run book", so anytime I see a practice question asking How a Running key works, I remember "Run Book".
10. TCSEC vs ITSEC = Orange Book. Orange has vitamin C in it, ITSEC does not.
​Threat Modelling:

• Based on Assets, Attackers, SW
• Stride (SW), PASTA (Asset), DREAD (?)

Standards / Acts / Regulations 
ISO 27001   -> info sec mgmt system 
ISO 22301   -> BCP MS – business continuity management system 
PCI-DSS   -> card security 
NIST 800-37   -> IS information security  
FEDRAMP ->  Federal risk and authorization program 
GLBA act – Privacy Financial services 
SOX -> Publicly Traded Companies – s not a standard but a law for publicliy traded companies doing business in US 
PIPEDA - > Canada - Personal Information Protection and Electronic Documents Act of Canada 
GDPR -> EU – Privacy
HIPPS -> Healthcare

Cisco Collaboration Flex Plan is available in the following license models:

1. Named User

• Customer is obligated to pay per user

1. Active User

• Customer is obligated to actual usage

1. Enterprise Agreement
   

• Customer is obligated to pay enterprise-wide usage

The price changes based on the Flex version that is sold. Currently Cisco is selling Flex 3.0.

​Today my heart is bleeding....

April 9 was a dark day in the history of Pakistan. This day would be remembered in days to come. A regime change happened in Pakistan - ousting the current sitting PM Imran Khan (IK). I hope IK get a second chance to come back in power - else people of Pakistan would never forgive those responsible for this.

The whole opposition consisting of many parties united to beat this one-man IK and his political party Tehreek e Insaf - PTI (Movement for Justice) which IK started in 1996. Tehreek e Insaaf was never a threat to any political party until the recent elections in 2018 where it built much momentum before the elections - and it won.

Imran was born in an affluent upper middle-class family in Lahore Pakistan. IK attended the prestigious school Aitchison College (established 1866) in Lahore, joining Royal Grammar School Worcester in England and finally graduated from Oxford where he studied Philosophy, Politics and Economics, graduating in 1975.

IK played cricket (college, county and national) while in Pakistan, then in England and continued to play until 1992. IK retired from Pakistan's national side after he captained the Pakistan Cricket Team and winning the only cricket world cup for Pakistan in 1992.

After the World Cup win, Imran Khan built a cancer hospital in Lahore (Shaukat Khanum - named after his mother who died of cancer) - which still provides free treatment to people who cannot afford the treatment. This was a amazing feat as something like this hasn't happened in the world where the expensive cancer treatment is provided for free - run entirely on charity.

After his political struggle for 22 years, IK disrupted the political landscape of Pakistan by taking the reigns of the country from the two-party system (PPP and PML-N) and by becoming PM in 2018 at the age of 66. Before Khan, people of Pakistan were tired of political party’s broken promises and seeing same faces years after years, elections after elections.

In Khan's PM acceptance speech, he mentioned that he wants to make Pakistan a welfare state and promised to help the most neglected of the community. He was ridiculed for this as well by the opposition. However, if anyone was capable of this insurmountable task, it was Khan.

It was an uphill battle to run a country at that time. Pakistan was in a disarray when IK held the reigns of the country. The previous government had left the country in a deficit. Pakistan was being run with the money which was lent by World Bank. And just to pay the interest on the World Bank loans, previous governments had gone to IMF to borrow money so that interest could be paid to the World Bank. And to pay back the interests on loans to IMF, they had taken more loans from IMF. This was going on for a while. It seemed though that no one before Khan cared about this. To put this in perspective, this is like the head of the family has a credit card, and to pay the minimum payments on the credit card, the head used another credit card, once that second card is maxed out, a third credit card is used so minimum payments can be done on that second credit card, and on and on...
​
Since he became the Prime Minister, he tried making changes to the grass root level. Some changes he succeeded, some he did not - but no one ever questioned his intentions. He was genuinely trying hard - removing ministers who weren't able to perform.

During his tenure, government of Pakistan collected record number of taxes, increased exports (despite COVID-19 where lot of countries in same regions had negative growth), and so many other great things (see list below).

His opposition never was able to find any dirt on him. They kept on bringing up his playboy lifestyle from his time in London, but other than that, there were no cases of corruption, no foreign properties, no bank accounts, etc.

It is worth mentioning that after becoming PM Khan was not living at the official PM House which was available to him. He would pay for the expenses for his residence himself. He would go to PM Office in the morning and go back to his personal residence in the evening - working long hours and not taking any days off. Despite his great health, I am sure this wasn't easy in his 66+ years of age.

While IK was busy working, the opposition had all united to put a notion of No-Confidence in the parliament against him. Some of his coalition partners had joined the opposition. The number of MNAs needed to make this notion successful was 172 - opposition pulled it off by a thin margin of 174.

PTI insisted that there is a US conspiracy to uproot his government. PTI said that a cipher had come from a US Diplomat Donald Lu which had clearly mentioned in a threatening manner that the vote of No-Confidence has to succeed in the parliament against IK for US to make things easy for Pakistan. There were proofs of meetings of US Officials with the MNAs which switched sides and with opposition leaders and opposition MNAs. Some media outlets reported of money given to some members of his party members so that they would become part of the opposition succeeding the vote of no confidence. IK and PTI had agreed to shared the Donald Lu's cipher with the Army, National Security Council and with the Opposition Leaders. Opposition Leaders weren't interested to see it. Opposition without seeing it insisted that the letter it was a lie. US denied their involvement in this. When Donald Lu was asked by the media, he neither accepted nor denied this cipher.
 
On the late night of April 9, after the No Confidence motion succeeded, Imran Khan for one last time went to his residence with his belongings (his diary and some papers).

​The Roman Emperor Marcus Aurelius once said: When a bunch of known corrupt people unite against one man and spare no effort to ridicule him, blackmail him and attempt to assassinate his character, blindly follow that one man!

Today, I am disappointed, I am sad, I am angry.
​
I truly hope you are given another chance. 

Webex offers a few different Webex Edge options. They can be confusing. I will try to outline what they are and what do they do:

Webex Edge is a great cost saving feature for customers who utilize Webex Meetings and CUCM...
This allows Webex Meetings to route PSTN calls through the internet and leverage on-premise CUCM for Webex Meetings Outbound/Call-Back feature - saving $$ on the Webex PSTN costs..

Here is a webex.com article on Webex Edge Audio.

Webex Edge Connect allows a customer to have a private point-to-point link between their network and Cisco Webex (Meetings and Calling) Cloud. This allows to by-pass public internet - thus guaranteeing bandwidth and quality of service (QoS).
Here is a webex.com article on Webex Edge Audio.

Webex Edge Video Mesh allows local (on-prem) media processing for cloud based media services thus improving the customer experience for on-prem users.
It is a software which is installed on-prem which is cloud managed by the Webex Control Hub.
​Here is a cisco.com article covering all of Webex Edge products.

For anyone working in Cisco IOS world knows the pain when an IOS gets deleted from flash by mistake or the IOS image on the flash gets corrupt. The device keeps on booting to a state known as ROMMON. The usual XMODEM procedure is painfully long. The IOS image copy process can take more than 9 hours - if the file is around 25 MB. 

To put the IOS back into the switch using USB can be pretty quick. I have done this in under an hour. Here is how to do it.

I am using Catalyst 2960X in my example below. 

​First make sure your IOS device has a USB port. If it does, we need a format a USB flash drive in a way IOS recognizes it. The file format has to be FAT16 (or FAT).
Note: FAT32 and FAT-EX are not supported by the Cisco IOS devices.

The USB drive has to be smaller or equal to 2 GB. If you don't have a USB drive smaller than 2 GB, follow this.

Here are the options I checked on when I formatted my USB drive to FAT on my Windows PC. Don't do Quick Format.

After formatting, put the IOS image on the USB drive. Now power on the switch or router. It would come to the ROMMON state.

Insert the USB flash drive in the USB port. Make sure that switch is able to see the IOS image on the USB. Issue the command dir usbflash0:

​Now enter boot usbflash0:c2960x-universalk9-mz.152-7.E2.bin so the the switch boots using the image on the USB.

For some reason, my switch came back to ROMMON after this above step as well - which it shouldn't have. So I had to repeat the above step once again. After the next time it came up fine.

Now the flash doesn't have a valid IOS image. We need to copy the image on the switch's flash.
I copied it by making the laptop as the FTP server. I use Filezilla. I gave my PC IP address of 10.10.10.2/24

On Switch

en
conf t
int vlan 1
ip address 10.10.10.1 255.255.255.0
no shut



ip ftp username cisco
ip ftp password cisco
exit

On PC

Control Panel >> Network and Internet >> Network Connections >> Ethernet >> Properties >> Internet Protocol  Version 4  (TCP/IPv4)

Make sure you are able to ping each other (from switch ping 10.10.10.2 and from laptop ping 10.10.10.1)

Once both PC and switch have IP connectivity, issue the command:

copy ftp: flash:

Provide the IP Address of FTP server (10.10.10.2 - in my example) and file name (c2960x-universalk9-mz.152-7.E2.bin - in my example)

Make sure you get the exclamations (!), and not the dots (.). If you get dots, that means either there isn't IP connectivity or (T)FTP server is not properly setup.

Issue dir to make sure that you see the IOS bin file in the switch's flash.

Make sure the config register is the right value before reloading by issuing sh ver

Reload the switch by reload command. Enter no to saving the config - this is so that on the boot, you get a fresh install of IOS.

Hopefully this will save you time just like it did to me and you can avoid xmodem IOS transfer.

Upgrade for VMWare vSphere ESXi from any 5.0 to 5.5 is pretty straight forward. However when going from 5.5 to 6.x, there are some added components like PSC (Platform Services Controller) See here.

There are various methods, however I will outline the steps by mounting a virtual DVD ISO (I used Cisco UCS Server - so my Virtual KVM was CIMC).

To mount the ISO and restarting the server and booting through the DVD, follow my other blog post (You would mount a different DVD image which would have the upgrade vSphere ISO).

Note: Check VMWare Compatibility to check if you can go from a specific source to a destination.

Here are the steps:

Once the DVD starts booting, the following screen would appear:

.....

Press Enter when its fully loaded.

Click the partition where the ESXi resides (normally its the smaller partition - the bigger partition has the virtual machines)

Note: Be careful in this step

Select what you intend on doing. I selected the Upgrade with preserving VMFS (which is the default)

Confirm

...

Once complete, the server would go through a power cycle. 

Once the server power cycles, it would go to the VMWare yellow screen. Turn on the VMs (using vSphere).

Note: vSphere on your local desktop will have to go through an upgrade once the ESXi is upgraded.

Cisco Integrated Management Controller is Cisco proprietary out-of-band management for servers. This is HP's iLO equivalent on Cisco UCS (Unified Computing System) servers.

Note: UCS are servers which are capable of running virtual machines (VMWare ESXi or other hypervisors).

Recently, I did an upgrade on the UCS server's CIMC (which include all the components mentioned in the title). I will go through the steps here. You can also upgrade individual components if needed. My server was running ESXi but that is irrelevant.

Note: Go through the Release Notes of the firmware at Cisco.com and make sure you can go from the source version to the destination version. You have to be logged in to be able to download the software.

​Here are the steps:

​Gracefully shut down all the VMs running on the UCS server (this isn’t required but recommended) 
Open the CIMC interface by going into the CIMC IP Address (ignore any certificate errors) 

Note: This is not the same as ESXi IP. 

Note: I prefer using Internet Explorer than using Chrome for this upgrade (even though my choice of browser is Chrome). 

If the hypervisor you are running is ESXi, you will see a similar screen to the one below: ​

Press F6 on the boot screen to get in the Boot Menu. (you might have to press F6 multiple times just to make sure you hit it at the right moment) ​

Select vKVM mapped CD/DVD ​​

UCS Host Upgrade Utility will start ​​

It can a while to load the firmware files (I guess this depends on network connectivity - mine was pretty good but still it took around 10 minutes).

When you get the license agreement, click 'I Agree'.

Now the following screen is where you need to select the components you are planning to upgrade. Select the components (Now click on 'Update' or 'Update All' (I selected All). At that time the upgrade process on each component would start. 

You would get the option to select Secure Boot Option. I selected 'No' as I wasn't using this feature.

You can see the progress throughout the process (almost)

Depending on the source and target version, you might lose connection to this window while some components are being updated. Don't panic. Give it time.

​Note: Some versions where you won't lose access to the KVM Console, you would lose connection when you exit the installer when the firmware is finally applied (Adapter or BIOS firmware).

Server would go through a power cycle and would load up the hypervisor. You can go the CIMC webpage to make sure that version is actually upgraded.
Hope this helps!

Macs and PCs keyboards are different. Recently, I had purchased a Mac and was confused with some keys on how to use them on Mac. Here are some of the equivalents. I will keep on updating as I come across more keys.

Page Down = 'fn' + 'Down Arrow'
​Page Up = 'fn' + 'Up Arrow'
Delete = 'fn' + 'delete'
Backspace = 'delete'
F1, F2, F3, .... = 'fn' + top row buttons OR
F1, F2, F3, .... = 'fn' + keys on control strip (Mac Book Pros with control strip)

Other cool shortcuts

To make screenshot of the whole screen: 'shift' + 'command' + '3'
To make screenshot of a portion of the screen: 'shift' + 'command' + '4' (crosshair would appear, press and drag the mouse over the potion you make to make a screenshot)
To make screenshot of an active window: 'shift' + 'command' + '4', then press spacebar, click on any window

All above would result in a PNG (Portable Network Graphics) file on the desktop.

Even though SIP is quickly becoming the industry standard (if not already), there are issues with SIP which because the way each vendor implements it in their products. What I have seen is mostly DTMF causes most pain for the engineers.
Here are some of the ways DTMF is used in SIP environments.

IN-BAND
In In-Band, the DTMF information is carried inside the actual voice traffic. This is defined under RFC 2833.

OUT-OF-BAND
In Out-of-Band, DTMF information is carried outside the voice traffic.

CUCM Configuration
Here are the CUCM Trunk configuration parameter that can be selected:
​
DTMF Signaling Method: Choose from the following options:
No Preference (default)—Cisco Unified Communications Manager will pick the DTMF method to negotiate DTMF, so the call does not require an MTP. If Cisco Unified Communications Manager has no choice but to allocate an MTP (if the Media Termination Point Required check box is checked), SIP trunk will negotiate DTMF to RFC2833.
RFC 2833—Choose this configuration if the preferred DTMF method to be used across the trunk is RFC2833. Cisco Unified Communications Manager makes every effort to negotiate RFC2833, regardless of MTP usage. Out of band provides the fallback method if the peer endpoint supports it.
OOB and RFC 2833—Choose this configuration if both out of band and RFC2833 should be used for DTMF.

​Media Termination Point Required:
You can configure Cisco Unified Communications Manager SIP trunks to always use an MTP. Check this check box to provide media channel information in the outgoing INVITE request. When this check box is checked, all media channels must terminate and reoriginate on the MTP device. If you uncheck the check box, the Cisco Unified Communications Manager can decide whether calls are to go through the MTP device or be connected directly between the endpoints.

Note : 
If check box remains unchecked (default case), Cisco Unified Communications Manager will attempt to dynamically allocate an MTP if the DTMF methods for the call legs are not compatible.

For example, existing phones that run SCCP support only out-of-band DTMF, and existing phones that run SIP support RFC2833. Because the DTMF methods are not identical, the Cisco Unified Communications Manager dynamically allocates an MTP. If, however, a new phone that runs SCCP, which supports RFC2833 and out-of-band, calls an existing phone that runs SIP, Cisco Unified Communications Manager does not allocate an MTP because both phones support RFC2833. So, by having the same type of DTMF method supported on each phone, no need exists for MTP.

Instead of selecting Media Termination Point Required on the above option, a better option is to Insert MTP whenever is required. That is done through the SIP Trunk Profile.

​Early Offer support for voice and video calls:
This field configures Early Offer support for voice and video calls. When enabled, Early Offer support includes a session description in the initial INVITE for outbound calls. Early Offer configuration settings on SIP profile apply only to SIP trunk calls. These configuration settings do not affect SIP line side calls. If this profile is shared between a trunk and a line, only a SIP trunk that uses the profile is affected by these settings.

The Media Transfer Point (MTP) Required check box on the Trunk Configuration window, if enabled, overrides the early offer configuration on the associated SIP profile. Cisco Unified Communications Manager sends the MTP IP address and port with a single codec in the SDP in the initial INVITE.

From the drop-down list box, select one of the following three options:

Disabled (Default value) - Disables Early Offer; no SDP will be included in the initial INVITE for outbound calls.
Best Effort (no MTP inserted)

1. Provide Early Offer for the outbound call only when caller side's media port, IP and codec information is available.
2. Provide Delayed Offer for the outbound call when caller side's media port, IP and codec information is not available. No MTP is inserted to provide Early Offer in this case.

Mandatory(insert MTP if needed) - Provide Early Offer for all outbound calls and insert MTP when caller side's media port, IP and codec information is not available.

CUBE (SBC) Configuration

On the CUBE dial-peers, DTMF has to be selected.
You can actually select RFC2833 as well as a secondary DTMF if RFC2833 (in-band) is not supported.
​

​For complete dial-peer config, please refer to this blog post.

Some text in the above blog was taken was Cisco Unified Communications Manager Help Pages.