Site-to-site VPN SDM Lab Sim

September 14th, 2010 in LabSim

Question

IPsec-SDM-Site-to-site-VPN.jpg

Next Gen University main campus is located in Santa Cruz. The University has recently established various remote campuses offering e-learning services. The University is using Ipsec VPN connectivity between its main and remote campuses San Jose(SJ), Los Angeles(LA), Sacremento(SAC). As a recent addition to the IT/Networking team, you have been tasked to document the Ipsec VPN configurations to the remote campuses using the Cisco Router and SDM utility. Using the SDM output from VPN Tasks under the Configure tab to answer this question.

READ MORE…

Port Security Lab Sim

September 14th, 2010 in LabSim

Question

You are the network security administrator for Big Money Bank Co. You are informed that an attacker has performed a CAM table overflow attack by sending spoofed MAC addresses on one of the switch ports. The attacker has since been identified and escorted out of the campus. You now need to take action to configure the switch port to protect against this kind of attack in the future.

For purposes of this test, the attacker was connected via a hub to the Fa0/12 interface of the switch. The topology is provided for your use. The enable password of the switch is cisco. Your task is to configure the Fa0/12 interface on the switch to limit the maximum number of MAC addresses that are allowed to access the port to two and to shutdown the interface when there is a violation.

PortSecuritySim_Title.jpg

Answer and Explanation

READ MORE…

Zone-based Firewall SDM Simlet

September 14th, 2010 in LabSim

Instructions

To access the Cisco Router and Security Device Manager(SDM) utility click on the console host icon that is connected to a ISR router.You can click on the grey buttons below to view the different windows.
Each of the windows can be minimized by clicking on the [-].You can also reposition a window by dragging it by the title bar.
The “Tab” key and most commands that use the “Control”or “Escape” keys are not supported and are not necessary to complete this simulation.

(Note: If you don’t understand how Zone-Based-Firewall works, check out my article at http://www.securitytut.com/ccna-security-knowledge/cisco-ios-zone-based-firewall-tutorial/)

(Notice: the access list, class-map, policy-map, zones, zone-pair… in the real exam might be different!)

READ MORE…