A.2

You are the IT administrator for a small corporate network. Recently, you added a web server that runs services that need to be accessible from the internet. You need to place this server in a DMZ and configure the DMZ settings on the network security appliance (NSA). In this lab, your task is to perform the following: Connect the left port of the CorpDMZWeb server to the Optional port on the NSA. Configure the Optional port on the NSA for DMZ mode from the IT administrator's workstation.NSA management console address: http://198.28.56.18Username: xAdminPassword: Admin$0nly (0 is zero) Configure the DMZ port to act as a DHCP server with the default IP addresses.Primary DNS server address: 163.128.78.93Secondary DNS server address:163.128.80.93 Reserve the first IP address in the DMZ's DHCP address range for CorpDMZWeb.IP address: 172.16.2.100MAC address: 1A:2B:C4:28:3B:9F Configure the CorpDMZWeb server to obtain an IP address automatically. Configure the CorpDMZWeb server to obtain a DNS address automatically. Verify that the CorpDMZWeb server receives the reserved IP address.

https://docs.google.com/document/d/19HFx-dZW5bf3PU92gq5ag1jXbz1BLiptCJ8q6-8j0n0/edit?usp=sharing

You are the IT security administrator for a small corporate network. You need to increase the networking closet's security by implementing a CCTV system with IP cameras. As part of this task, you need to separate the CCTV data traffic on the network using a separate VLAN on the switch. The patch panel connections for the networking closet, lobby, and IT administration office are installed and ready for use (ports 18-20). A DHCP server is already configured to provide the IP cameras and the laptop in the IT administration office with the correct TCP/IP settings (port 21). For an easier implementation, create the logical VLAN first. Then establish the physical connections of the IP cameras and the laptop. In this lab, your task is to perform the following: Access the switch management console from ITAdmin using the following credentials:Address: http://192.168.0.2Username: ITSwitchAdminPassword: Admin$0nly (0 is zero) Create a VLAN on the switch as follows:VLAN ID: 2VLAN Name: IPCamerasPorts: 18, 19, 20, 21 In the networking closet and lobby, perform the following:Connect a Cat5e cable to the RJ-45 ports on the IP camera and the IP camera wall plate.Mount the IP camera on the wall plate. In the networking closet, connect the DHCP server to the VLAN using a Cat5e cable from switch port 21 to patch panel port 21 in the rack. In the IT administration office, connect a Cat5e cable to the laptop's network port and the open port on the wall plate. On ITAdmin-Lap, verify the VLAN configuration and IP camera installation as follows:Select Start > All Apps > IP Cameras.Verify that the program detects the IP cameras on the VLAN 2 network.

https://docs.google.com/document/d/1K08ieShl8zpgDKRXAETZ9XcwgS1lxrvY13En3tqRCSk/edit?usp=sharing

You are the IT security administrator for a small corporate network. You need to increase the security on the switch in the networking closet by restricting access management and by updating the switch's firmware. In this lab, your task is to perform the following: Create an access profile called MgtAccess and configure it with the following settings:SettingValueAccess Profile NameMgtAccessRule Priority1Management MethodAllActionDenyApplies to InterfaceAllApplies to Source IP addressAll Add a profile rule to the MgtAccess profile with the following settings:SettingValueRule Priority2Management MethodHTTPActionPermitApplies to interfaceAllApplies to Source IP addressUser definedIP Version: Version 4IP Address: 192.168.0.10Network Mask: 255.255.255.0 Set the MgtAccess profile as the active access profile. Save the changes to the switch's startup configuration file. Update the firmware image to the latest version by downloading the firmware files found in C:\Sx300_Firmware\Sx300_FW-1.2.7.76.ros. If you need to log back in to the switch, the user name is ITSwitchAdmin and the password is Admin$0nly2017 (0 is zero).

https://docs.google.com/document/d/1VQJwU_gaQG8rr18QmNf8U5iZoRgAPyyYoVm29QJeEb8/edit

You are the IT security administrator for a small corporate network. You need to increase the security on the switch in the networking closet by restricting access management and by updating the switch's firmware. In this lab, your task is to perform the following: Create an access profile called MgtAccess and configure it with the following settings:SettingValueAccess Profile NameMgtAccessRule Priority1Management MethodAllActionDenyApplies to InterfaceAllApplies to Source IP addressAll Add a profile rule to the MgtAccess profile with the following settings:SettingValueRule Priority2Management MethodHTTPActionPermitApplies to interfaceAllApplies to Source IP addressUser definedIP Version: Version 4IP Address: 192.168.0.10Network Mask: 255.255.255.0 Set the MgtAccess profile as the active access profile. Save the changes to the switch's startup configuration file. Update the firmware image to the latest version by downloading the firmware files found in C:\Sx300_Firmware\Sx300_FW-1.2.7.76.ros.

https://docs.google.com/document/d/1VQJwU_gaQG8rr18QmNf8U5iZoRgAPyyYoVm29QJeEb8/edit?usp=sharing