In October 2016, I took the VCP6-NV exam and failed. While this was not the first exam I have failed, it was eye opening. After seeing the question set, I realized my understanding of the exam was incorrect. I wrote a post In February, I went to retake the exam but due to an issue with the Pearson systems I couldn';t sit on the day. On the 31st of March I sat the exam for the second time and passed.
Layer2 Invisibility L2 traffic is a major blind spot for many companies. Most security filtering only happens when traffic traverses a Layer3 boundary. If traffic does not cross this boundary, it is not scanned and not seen. Attackers can move unseen within a L2 network, due to this lack of visibility. Physical firewalls work well for North-South traffic. They do not perform as well for east-west. Creating a shell, that offers no internal protection.
QoS is a method of providing a minimal Quality of Service to network traffic. This is done through adding values to the Ethernet or packet headers. By adding these values, priority can be assigned to network traffic types. Some services do not a significant amount of bandwidth but are sensitive to latency. These services can benefit from QoS. Networks use QoS as a way to give priority where needed. A service provider often provides a level of service for their clients.