A.2.4 Network Pro Domain 4: Security

You are the IT security administrator for a small corporate network. You need to enable logging on the switch located in the Networking Closet. In this lab, your task is to: Enable Logging and the Syslog Aggregator. Configure RAM Memory Logging as follows:Emergency, Alert, and Critical: EnableError, Warning, Notice, Informational, and Debug: Disable Configure Flash Memory Logging as follows:Emergency and Alert: EnableCritical, Error, Warning, Notice, Informational, and Debug: Disable Copy the running configuration file to the startup configuration file using the following settings:Source File Name: Running configurationDestination File Name: Startup configuration

Complete this lab as follows: Access the Log Settings for the switch.From the left menu, expand and select Administration > System Log > Log Settings. Enable Logging and the Syslog Aggregator.For Logging, select Enable.For Syslog Aggregator, select Enable. Configure RAM and Flash Memory Logging.Under RAM Memory Logging:Select Emergency, Alert, and Critical.Clear Error, Warning, Notice, Informational, and Debug.Under Flash Memory Logging:Mark Emergency and Alert.Clear Critical, Error, Warning, Notice, Informational, and Debug.Select Apply. Copy the running configuration file to the startup configuration file.From the top menu bar, select Save.Under Copy/Save Configuration, select Apply.Select OK.Select Done.

You are the security analyst for a small corporate network. You are currently using pfSense as your security appliance. In this lab, your task is to complete the following: Using Google Chrome, sign into pfSense using the following case-sensitive information:URL: http://198.28.56.22Username: adminPassword: pfsense Change the password for the default pfSense account (admin) to P@ssw0rd (0 = zero). Create a new administrative user with the following parameters:Username: lyoungPassword: C@nyouGuess!tFull name: Liam YoungGroup membership: admins Set a session timeout of 20 minutes for pfSense. Disable the webConfigurator anti-lockout rule for the HTTP protocol.

Complete this lab as follows: Access the pfSense management console.From the taskbar, select Google Chrome.Maximize the window for better viewing.In the Google Chrome address bar, enter 198.28.56.22 and then press Enter.Enter the pfSense sign-in information as follows:Username: adminPassword: pfsenseSelect SIGN IN. Change the password for the default (admin) account.From the pfSense menu bar, select System > User Manager.For the admin account, under Actions, select the Edit user icon (pencil).For Password, change to P@ssw0rd (0 = zero).Enter P@ssw0rd in the Confirm Password field.Scroll to the bottom and select Save. Create and configure a new pfSense user.Select Add.Enter lyoung as the username.Enter C@nyouGuess!t in the Password field.Enter C@nyouGuess!t in the Confirm Password field.Enter Liam Young in Full Name field.For Group membership, select admins and then select Move to "Member of" list.Scroll to the bottom and select Save. Set a session timeout for pfSense.Under the System breadcrumb, select Settings.For Session timeout, enter 20.Select Save. Disable the webConfigurator anti-lockout rule for HTTP.From the pfSense menu bar, select System > Advanced.Under webConfigurator, for Protocol, select HTTP.Scroll down and select Anti-lockout to disable the webConfigurator anti-lockout rule.Scroll to the bottom and select Save.

You are an IT security administrator for a small corporate network. To increase security, you have installed the pfSense security appliance on the network. Now you need to configure the device. In this lab, your task is to configure pfSense as follows: Sign in to pfSense using the following case-sensitive information:Username: adminPassword: P@ssw0rd (0 = zero) Configure the DNS servers as follows:Primary DNS server: 163.128.78.93 - Hostname: DNS1Secondary DNS server: 163.128.80.93 - Hostname: DNS2 Configure the WAN IPv4 information as follows:Enable the interface.Use a static IPv4 address of 65.86.24.136/8Add a new gateway using the following information:Type: Default gatewayName: WANGatewayIP address: 65.86.1.1

Complete this lab as follows: Access the pfSense management console.Sign in using the following case-sensitive information:Username: adminPassword: P@ssw0rd (zero).Select SIGN IN or press Enter. Configure the DNS servers.From the pfSense menu bar, select System > General Setup.Under DNS Server Settings, configure the primary DNS server.Address: 163.128.78.93Hostname: DNS1Gateway: NoneSelect Add DNS Server to add a secondary DNS server and then configure it.Address: 163.128.80.93Hostname: DNS2Gateway: NoneScroll to the bottom and select Save. Configure the WAN settings.From pfSense menu bar, select Interfaces > WAN.Under General Configuration, select Enable interface.Use the IPv4 Configuration Type drop-down to select Static IPv4.Under Static IPv4 Configuration, in the IPv4 Address field, use 65.86.24.136Use the IPv4 Address subnet drop-down to select 8.Under Static IPv4 Configuration, select Add a new gateway.Configure the gateway settings as follows:Default: select Default gatewayGateway name: WANGatewayGateway IPv4: 65.86.1.1Select Add.Scroll to the bottom and select Save.Select Apply Changes.

You are working on a small home network. You recently created a wireless network to allow the owner's laptop and mobile devices to make a connection to the wired network and the internet. However, without additional configuration, the wireless access point will allow connections from any laptop or mobile device. You need to secure the wireless network from unauthorized access. In this lab, your task is to: Access, and sign into, the TPLink-AC1750 wireless access point.URL: 192.168.0.254Username: adminPassword: password Change the settings on the wireless access point using:SSID: PoliceVan (the SSID name is case sensitive).Authentication: WPA2 PersonalEncryption: AESSecurity Key: 4WatchingU (the security key is case sensitive). Change the wireless access point's administrator authentication credentials from their defaults using the following:Username: @dm1nPassword: StayOut! (O is the capital letter O).Do not save the credentials in Internet Explorer. Configure the laptop to connect to the wireless network and save the wireless profile settings as listed above.

Complete this lab as follows: Access, and sign into, the TPLink-AC1750 wireless access point.In the URL field of Google Chrome, enter 192.168.0.254 and press Enter.Maximize Google Chrome for easier viewing.From the top menu bar, select the Wireless tab.Enter the sign in credentials:Username: adminPassword: passwordSelect Sign In. Change the Wireless Network Name (SSID) to PoliceVan.Make sure the Wireless submenu of Basic Settings is selected.Under Wireless Interface wlan0, change the Wireless Network Name (SSID) to PoliceVan.Scroll down and select Apply Settings. Configure the wireless security settings.From the submenu bar, select the Wireless Security tab.For Wireless Mode, use the drop-down list to select WPA.Under Networking, select WPA2 Personal.Under WPA Algorithms, select CCMP-128 AES.In the WPA Shared Key field, enter 4WatchingU.(Optional) Select Unmask to verify your new shared key.Scroll to the bottom and select Apply Settings. Change the wireless access point's administration authentication credentials.From the top menu bar, select the Administration tab.Make sure the Management submenu is selected.Change the Router Password settings as follows:Router Username: @dm1nRouter Password: StayOut! (O is the capital letter O).Re-enter to confirm: StayOut! (O is the capital letter O).Scroll to the bottom and select Apply Settings.Select Save.Select Reboot Router.When prompted, select Continue. Configure the laptop to connect to the wireless network and save the wireless profile settings.From the top left, select Computer Desk.On the Home-Laptop monitor, select Click to view Windows 10.Select the Network icon.Select PoliceVan.Make sure Connect automatically is selected.Select Connect.Enter 4WatchingU (the passphrase).Select Next.Select Yes to make your PC discoverable on the network.From the Notification area of the taskbar, right-click the network icon and select Network & Internet settings to confirm the connection.

You need to customize Remote Desktop settings on your computer to allow Tom Plask, a help desk technician, remote access to your system. In this lab, your task is to: Configure Office1 to allows connections from Remote Desktop. Add Tom Plask to the users that will be able to connect to Office1 using a Remote Desktop connection. Verify that the firewall ports for Remote Desktop are opened appropriately.

Complete this lab as follows: Configure Office1 to allows connections from Remote Desktop.Right-click Start and select Settings.Maximize the window for better viewing.Select System.From the left pane, select Remote Desktop.Under Enable Remote Desktop, slide the button to the right to enable remote desktop.Select Confirm. Add Tom Plask to the users that will be able to connect to Office1 using a Remote Desktop connection.Under User accounts, click Select users that can remotely access this PC.Select Add.Enter Tom Plask.Select OK to add the user.Select OK to close the dialog. Verify that the firewall ports for Remote Desktop are opened appropriately.From the Settings app, select Home (upper left).Select Update & Security.Select Windows Security.Select Firewall & network protection.Select Allow an app through firewall.Scroll down and verify that Remote Desktop is marked (to open the port).(The corresponding port is opened or closed automatically when you enable or disable the service in the system properties).Select Cancel.

You are a network technician for a small corporate network. You would like to enable wireless intrusion prevention on the wireless controller. You are already logged in as WxAdmin on the Wireless Controller console on the ITAdmin computer. In this lab, your task is to: Configure the wireless controller to protect against denial-of-service (DOS) attacks using the following settings:Protect my wireless network against excessive wireless requests.Temporarily block wireless clients with repeated authentication failures for (120) seconds. Configure intrusion detection and prevention using the following settings:Report all rogue devices (regardless of type).Protect the network from malicious rogue access points. Enable rogue DHCP server detection.

Complete this lab as follows: Configure the wireless controller to protect against denial-of-service (DOS) attacks.From the Ruckus controller, select the Configure tab.From the left menu, select WIPS.From the right pane, select:Protect my wireless network against excessive wireless requests.Temporarily block wireless clients with repeated authentication failures.Enter a threshold of 120 seconds.On the right, for this area, select Apply. Configure intrusion detection and prevention.Select Enable report rogue devices.Select Report all rogue devices.Select Protect the network from malicious rogue access points.On the right, for this area, select Apply. Select Enable rogue DHCP server detection and then select Apply.

You are the IT security administrator for a small corporate network. You have received a zip file that contains sensitive password-protected files. You need to access these files. The zip file is located in the home directory. In this lab, your task is to use John the Ripper to: Crack the root password on Support. Crack the password of the protected.zip file in the home directory on IT-Laptop.

Complete this lab as follows: Crack the root password on Support.From the Favorites bar, select Terminal.At the prompt, type cd /usr/share/john and press Enter to change directories to the folder containing the John the Ripper password file.Type ls and press Enter to list the files in the directory.Type cat password.lst and press Enter to view the password list. This is an abbreviated list.Type cd and press Enter to go back to root.Type john /etc/shadow and press Enter to crack the Linux passwords.Notice that the root password of 1worm4b8 was cracked.Type john /etc/shadow and press Enter to attempt to crack the Linux passwords again.Notice that it does not attempt to crack the password again. The cracked password is already stored in the john.pot file.Type cat ./.john/john.pot and press Enter to view the contents of the john.pot file.Type john /etc/shadow --show and press Enter as an alternate method of viewing the previously cracked password.From the top right, select Answer Questions.Answer Question 1. Crack the password of the protected.zip file.From the top left, select Floor 1 Overview.Under IT Administration, select IT-Laptop.From the Favorites bar, select Terminal.At the prompt, type ls and press Enter to view the contents of the home directory. Notice the protected.zip file you wish to crack.Type zip2john protected.zip > ziphash.txt and press Enter to copy the hashes to a text file.Type cat ziphash.txt and press Enter to confirm that the hashes have been copied.Type john --format=pkzip ziphash.txt and press Enter to crack the password.Type john ziphash.txt --show and press Enter to show the password.From the top right, select Answer Questions.Answer Question 2.Select Score Lab.

You are the network administrator for a small corporate network. While working on your Linux server, you have determined that you need to enable and disable a few services. In this lab, your task is to: Use the systemctl command to enable anaconda.service. Use the systemctl command to disable vmtoolsd.service. After each command, check the service status with the systemctl is-enabled command.

Complete this lab as follows: Enable the Anaconda service.From the Favorites bar, select Terminal.At the Terminal prompt, type systemctl enable anaconda.service and then press Enter.Type systemctl is-enabled anaconda.service and then press Enter to check the service's status. Disable the VMware Tools service.Type systemctl disable vmtoolsd.service and press Enter.Type systemctl is-enabled vmtoolsd.service and press Enter to check the service's status.

Pascal Bullock (pbullock) forgot her password and needs access to the resources on her computer. You are logged on as Sydney Hoffer. The password for the root account is P@ssw0rd (use a zero). In this lab, your task is to: Find Sydney Hoffer's username. Change the password for the pbullock user account to 1234asdf. Make sure the password is encrypted in the shadow file. Answer the question.

Complete this lab as follows: Find your username.From the Favorites bar, select Terminal.Type whoami at the prompt.From the top right, select Answer Questions.Answer the question. Change Pascal Bullock's password.At the prompt, type su -c "passwd pbullock" and then press Enter.Type P@ssw0rd and then press Enter.This is the password for the root user.At the New password prompt, type 1234asdf and then press Enter.This is the new password for the schawla user account.At the Retype new password prompt, type 1234asdf and then press Enter.Select Score Lab.

You are the IT security administrator for a small corporate network. As a test, you want to spoof the DNS to redirect traffic as part of an on-path (man-in-the-middle) attack. To do this, you have decided to send all DNS requests for the RMK Office Supplies coming from the Exec computer to the RUS Office Supplies site. In this lab, your task is to complete the following: From the Exec computer, view normal access to the RMK Office Supplies website. From the Support computer, view the contents of the /etc/ettercap/etter.dns file to see which entry reroutes the request to the RMK Office Supplies site to the RUS Office Supplies site. Answer Question 1. Use Ettercap to configure DNS spoofing and an on-path attack using the following information:Use unified sniffing on the enp2s0 interface.Set Exec (192.168.0.30) as the target machine.Initiate DNS spoofing using an Ettercap plug-in.Initiate ARP poisoning on remote connections. From Exec, use Google Chrome to access www.rmksupplies.com and analyze the results. Answer Question 2.

Complete this lab as follows: From Exec, view normal access to the RMK Office Supplies website.From the taskbar, select Google Chrome.In the URL field, type www.rmksupplies.com and press Enter.Notice that you are taken to the RMK Office Supplies website.Close Google Chrome. From Support, learn how Ettercap's DNS spoofing plug-in works by viewing the host file (etter.dns).From the top left, select Floor 1 Overview.Under Support Office, select Support.From the Favorites bar, select Terminal.From the Terminal prompt, type cd /etc/ettercap and then press Enter to change to the Ettercap directory.Type ls and then press Enter to view the current files.Type cat etter.dns and then press Enter to view the contents of the etter.dns file.Typing cat etter.dns | less lets you view the file one line at a time. If used, type q to end the cat command.At the bottom, locate the line that specifies where the RMK Office Supplies website will be redirected.From the top right, select Answer Questions.Answer Question 1.Minimize the Answer Questions dialog. Use Ettercap to begin unified sniffing on the enp2s0 interface.From the Favorites bar, select Ettercap.Select Sniff > Unified sniffing...From the Network Interface drop-down list, select enp2s0.Select OK. Set Exec (192.168.0.30) as the target machine.Select Hosts > Host list to view the hosts known to the tool.None are shown.Select Hosts > Scan for hosts to scan for hosts on the network.A list of hosts is shown.Under IP Address, select 192.168.0.30 (the Exec computer).Select Add to Target 1 to assign it as the target. Initiate DNS spoofing using the Ettercap plug-in.Select Plugins > Manage the plugins.Select the Plugins tab.Double-click dns_spoof to activate it. Initiate ARP poisoning on remote connections.Select Mitm > ARP poisoning.Select Sniff remote connections.Select OK. From Exec, attempt to access the RMK Office Supplies site to view the results of the DNS spoofing.From the top left, select Floor 1 Overview.Under Executive Office, select Exec.From the taskbar, select Google Chrome.In the URL field, type www.rmksupplies.com and press Enter.From the top right, select Answer Questions.Answer Question 2.Select Score Lab.

You are the IT security administrator for a small corporate network. You are experimenting with DHCP spoofing attacks using Ettercap. In this lab, your task is to complete the following: From IT-Laptop, use Ettercap to launch an on-path (man-in-the-middle) DHCP spoofing attack using the following parameters:Network interface: enp2s0Netmask: 255.255.255.0DNS Server IP: 192.168.0.11 From Support, complete the following tasks:Find the current default gateway being used.Answer Question 1.Start a capture in Wireshark and filter the display for DHCP traffic.Bring the network interface down and back up to request a new DHCP address.From Wireshark, determine which DHCP ACK packet is the spoofed packet.Answer Questions 2 and 3.Find the current default gateway being used now. From Office1, complete the following tasks:Use tracert to find the path to the rmksupplies.com site. What is the path?Check the IP address of the Office1 computer.Release and renew the IP address assigned by DHCP.Check the IP address of the computer again. What has changed?Use tracert to rmksupplies.com to find the path again. What has changed?Log in to the Employee Portal using the following credentials:URL: rmksupplies.comUsername: bjacksonPassword: $uper$ecret1 From IT-Laptop, find the captured username and password in Ettercap.

Complete this lab as follows: From IT-Laptop, start unified sniffing on the enp2s0 interface.From the Favorites bar, select Ettercap.Select Sniff > Unified sniffing.From the Network Interface drop-down list, select enp2s0.Select OK.Select Mitm > DHCP spoofing and then configure the Server Information as follows:Netmask: 255.255.255.0.DNS: 192.168.0.11.Select OK. Find the current default gateway for Support.From the top left, select Floor 1 Overview.Under Support Office, select Support.From the Favorites bar, select Terminal.Type route and press Enter.From the top right, select Answer Questions.Answer Question 1.Minimize the Lab Questions dialog. Start a Wireshark capture that filters for bootp packets.From the Favorites bar, select Wireshark.Under Capture, select enp2s0.Select the blue fin to begin a Wireshark capture.In the Apply a display filter field, type bootp and press Enter. Request a new IP address from the DHCP server for the enp2s0 interface.At the terminal prompt:Type ip link set enp2s0 down and press Enter to bring the interface down.Type ip link set enp2s0 up and press Enter to bring the interface back up.Maximize Wireshark for easier viewing.In Wireshark, under the Info column, notice there are two DHCP ACK packets. One is the legitimate acknowledgment (ACK) packet from the DHCP server, and the other is the spoofed ACK packet. Determine which DHCP ACK packet is the spoofed packet.Select one of the DHCP ACK packets received.In the middle panel, expand Bootstrap Protocol (ACK).Expand Option: (3) Router.Make note of the IP address used by the router.Repeat steps 5a-5c for the second ACK packet.From the top right, select Answer Questions.Answer the Questions 2 and 3.Minimize Wireshark and the Lab Questions dialog so you can see the terminal window.At the terminal prompt, type route and press Enter.Notice that the current gateway is now 192.168.0.46.This is the address of the computer performing the on-path (man-in-the-middle) attack. On Office1, view the current default gateway and the route to rmksupplies.com site.From the top left, select Floor 1 Overview.Under Office 1, select Office1.Right-click Start and select Windows PowerShell (Admin).At the PowerShell prompt, type tracert rmksupplies.com and press Enter.Notice that the first hop is 192.168.0.5.Type ipconfig and press Enter to view the IP address configuration for the computer.The configuration for Office1 is:IP address: 192.168.0.33Default Gateway: 192.168.0.5At the prompt, type ipconfig /release and press Enter to release the currently assigned addresses.Type ipconfig /renew and press Enter to request a new IP address from the DHCP server.Notice that the default gateway has changed to the attacker's computer, which has an IP address of 192.168.0.46.Type tracert rmksupplies.com and press Enter.Notice that the first hop is now 192.168.0.46 (the address of the attacker's computer). Using Google Chrome, log into the rmksupplies.com Employee Portal.From the taskbar, select Google Chrome.Maximize the window for easier viewing.In the URL field, enter rmksupplies.com and press Enter.At the bottom of the page, select Employee Portal and login using the following:Username: bjackson.Password: $uper$ecret1.Select Login.You are logged in as Blake Jackson. From IT-Laptop, find the captured username and password in Ettercap.From the top left, select Floor 1 Overview.Under IT Administration, select IT-Laptop.Maximize Ettercap.In Ettercap's bottom pane, find the username and password used to log in to the Employee Portal. Score the lab.From the top right, select Answer Questions to end the lab.Select Score Lab.

You work as the IT security administrator for a small corporate network. In an effort to protect your network from security threats and hackers, you have added Snort to pfSense. With Snort already installed, you need to configure rules and settings and then assign Snort to the desired interface. In this lab, your task is to use pfSense's Snort to complete the following: Sign in to pfSense using the following:Username: adminPassword: P@ssw0rd (zero) Configure the following rules to be downloaded:Snort free registered User rulesOinkmaster code: 992acca37a4dbd7Snort GPLv2 Community rulesEmerging Threats Open rulesSourcefire OpenAppID DetectorsAPPID Open rules Configure rule updates to happen every 4 days at 12:10 a.m.Hide any deprecated rules. Block offending hosts for 1 day. Send all alerts to the system log when Snort starts and stops. Assign Snort to the WAN interface using Snort-WAN as the description.Include:Sending alerts to the system log.Automatically blocking hosts that generate a Snort alert. Start Snort on the WAN interface.

Complete this lab as follows: Sign in to the pfSense management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Access Snort Global Settings.From the pfSense menu bar, select Services > Snort.Under the Services breadcrumb, select Global Settings. Configure the required rules to be downloaded.Select Enable Snort VRT.In the Snort Oinkmaster Code field, enter 992acca37a4dbd7. You can copy and paste this from the scenario.Select Enable Snort GPLv2.Select Enable ET Open. Configure the Sourcefire OpenAppID Detectors to be downloaded.Under Sourcefire OpenAppID Detectors, select Enable OpenAppID.Select Enable RULES OpenAppID. Configure when and how often the rules will be updated.Under Rules Update Settings, use the Update Interval drop-down menu to select 4 DAYS.For Update Start Time, change to 00:10 (12:10 a.m. in 24-hour format).Select Hide Deprecated Rules Categories. Configure Snort General Settings.Under General Settings, use the Remove Blocked Hosts Interval drop-down menu to select 1 Day.Select Startup/Shutdown Logging.Select Save. Configure the Snort Interface settings for the WAN interface.Under the Services breadcrumb, select Snort Interfaces and then select Add.Under General Settings, make sure Enable interface is selected.For Interface, use the drop-down menu to select WAN (CorpNet_pfSense_L port 1).For Description, use Snort-WAN.Under Alert Settings, select Send Alerts to System Log.Select Block Offenders.Scroll to the bottom and select Save. Start Snort on the WAN interface.Under the Snort Status column, select the arrow to start Snort.Wait for a checkmark to appear, indicating that Snort was started successfully.

You are the IT security administrator for a small corporate network. You need to secure access to your switch, which is still configured with the default settings. Access the switch management console through Chrome on http://192.168.0.2 with the username cisco and password cisco. In this lab, your task is to: Create a new user account with the following settings:Username: ITSwitchAdminPassword: Admin$only1844User Level: Read/Write Management Access (15) Edit the default user account as follows:Username: ciscoPassword: CLI$only1958User Level: Read-Only CLI Access (1) Save the changes to the switch's startup configuration file.

Complete this lab as follows: Log in to the CISCO switch.From the taskbar, select Google Chrome.In the URL field, enter 192.168.0.2 and press Enter.Maximize the window for easier viewing.In the Username and Password fields, enter cisco (case sensitive).Select Log In. Create a new user account.Under Quick Access on the Getting Started menu, select Change Device Password.Select Add.For the username, enter ITSwitchAdmin (case sensitive).For the password, enter Admin$only1844 (case sensitive).For Confirm Password, enter Admin$only1844.For User Level, make sure Read/Write Management Access (15) is selected.Select Apply.Select Close. Edit the default user account.Under the User Accounts table, select cisco (the default user) and then select Edit.For Password, enter CLI$only1958.For Confirm Password, enter CLI$only1958.For User Level, select Read-Only CLI Access (1).Select Apply. Save the changes to the switch's startup configuration file.From the top of the switch window, select Save.Under Source File Name, make sure Running configuration is selected.Under Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.Select Done.

As an important IT initiative, you are exploring opportunities to decrease the vulnerability of your network. You wish to harden your switch by disabling any unused ports. In this lab, your task is to complete the following: From Google Chrome, access the switch console as follows:Site: 192.168.0.2Username: ciscoPassword: cisco Disable ports 15, 18, and 21-27. Save the changes to the switch's startup configuration file.

Complete this lab as follows: Log in to the CISCO switch.In the Google Chrome URL field, enter 192.168.0.2 and press Enter.Maximize the window for better viewing.In the Username and Password fields, enter cisco (case sensitive).Select Log In. Disable port GE15.From the left navigation bar, expand and select Port Management > Port Settings.Select GE15 (port 15) and then select Edit.For Administrative Status, select Down.Select Apply.Select Close. Copy GE15 port settings to ports 18 and 21-27.Select GE15 and then select Copy Settings.Type 18,21-27 in the To: field.Select Apply. Save the changes to the switch's startup configuration file.From the upper right of the switch window, select Save.For Source File Name, make sure Running configuration is selected.For Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.Select Done.

You are a network technician for a small corporate network. You need to increase the security of your wireless network. Your new wireless controller provides several security features that you would like to implement. In this lab, your task is to complete the following: Using Google Chrome, log into the Ruckus ZoneDirector.URL: http://192.168.0.6Admin Name: adminPassword: password Change the admin's username and password for the Ruckus Wireless ZoneDirector to the following:Admin Name: WxAdminPassword: ZDAdminsOnly!$ (O is the capital letter O) Set up MAC address filtering (L2-L7 Access Control) to create an allow list (whitelist) called Allowed Devices that includes the following wireless devices:00:18:DE:01:34:6700:18:DE:22:55:9900:02:2D:23:56:8900:02:2D:44:66:88 Implement a device access policy called NoGames that blocks gaming consoles from the wireless network.

Complete this lab as follows: Log into the Ruckus Wireless ZoneDirector.In the Google Chrome URL field, type 192.168.0.6 and press Enter.Log in using the following:Admin Name: adminPassword: passwordSelect Login. Change the admin's username and password for the Ruckus Wireless ZoneDirector.Select the Administer tab.Ensure Authenticate using the admin name and password is selected.In the Admin Name field, enter WxAdminEnter password in the Current Password field.In the New Password field, enter ZDAdminsOnly!$ (Note: O is the capital letter O).Enter ZDAdminsOnly!$ in the Confirm New Password field.On the right of the section, select Apply. Enable MAC address filtering.From the top, select the Configure tab.From the left menu, select Access Control.Expand L2-L7 Access Control.Under L2/MAC address Access Control, select Create New.In the Name field, enter Allowed Devices.Under Restriction, make sure Only allow all stations listed below is selected.Enter a MAC address.Select Create New.Repeat steps 3g-3h for each of the remaining MAC address that need to be added to the ACL.Select OK. Configure access controls.Under Access Control, expand Device Access Policy.Select Create New.In the Name field, enter NoGames.Select Create New.Use the OS/Type drop-down menu to select Gaming.Use the Type drop-down menu to select Deny.Under Uplink, ensure Disabled is selected.Under Downlink, ensure Disabled is selected.Select Save.Select OK.

You are helping Halle, a friend in college, with her network connection. To allow her to play SuperBlast with other classmates, Halle would like both of her computers (Dorm-PC and Dorm-PC2) to have a high-speed connection to the internet. Currently only one of Halle's computers (Dorm-PC) is connected to the internet, and there is only one Ethernet wall plate connection port available in her room. In this lab, your task is to complete the following on each of Halle's dorm computers: On Dorm-PC: Add the fastest router to the workspace and provide power. Connect the Dorm-PC to the router and internet. Establish an internet connection and turn on firewall protection for:Private networkPublic network Allow the SuperBlast program through Dorm-PC's firewall. Do not allow access to the Public network. On Dorm-PC2: After completing the tasks above, connect Dorm-PC2 to the router. Establish an internet connection and turn on firewall protection for:Private networkPublic network Allow the SuperBlast program through Dorm-PC2's firewall. Do not allow access to the Public network.

Complete this lab as follows: On Dorm-PC: Add the fastest router to the workspace and provide power.Under Shelf, expand Routers.Drag Router, 100/1000BaseTX Ethernet to the Workspace.For convenience, place the router to the left of the wall plate.Above the router, select Back to switch to the back view of the router.Under Shelf, expand Cables and then select Power Adapter, AC to DC.From the Selected Component pane:Drag the DC Power Connector to the power port on the back of the router.Drag the AC Power Adapter to the surge protector. Connect the Dorm-PC to the router and internet.Drag the Ethernet cable currently connected to the wall plate (the other end is connected to Dorm-PC) to a LAN port on the router.Under Shelf, select Cat5e Cable, RJ45.From the Selected Component pane:Drag an RJ45 Connector to the WAN port on the router.Drag the unconnected RJ45 Connector to the Ethernet port on the wall plate.(Optional) Above the router, select Front to verify power and network activity lights. Establish a connection to the internet.On the Dorm-PC monitor, select Click to view Windows 10.Right-click Start and select Windows PowerShell (Admin).At the PowerShell prompt, type IPconfig /renew and press Enter to request new TCP/IP information from the router.In the notification area of the taskbar, right-click the Network icon and select Open Network and Internet settings. The network information map should indicate an active connection to the Firewall Network and the internet. From Dorm-PC, turn on the applicable Windows Firewalls.In Network and Internet, in the right pane, scroll down and select Windows Firewall.From the right pane, under Private network, select Turn on.From the right pane, under Public network, select Turn on. Allow a program through the firewall on Dorm-PC.From the Windows Security window, select Allow an app through firewall.Select Change settings.Select Allow another app to configure an exception for an uncommon program.In the Add an app dialog, select SuperBlast from the list.Select Add.For the SuperBlast program, make sure the check mark for the Public profile is not selected.Select OK. On Dorm-PC2: Connect Dorm-PC2 to the router.From the top left, select Bench to return to the bench view.Above the Dorm-PC2 computer, select Back.Under Shelf, expand Cables.Select a Cat5e Cable, RJ45.From the Selected Component pane:Drag an RJ45 Connector to the LAN port on the Dorm-PC2 computer.Drag the unconnected RJ45 Connector to an open LAN port on the router. For Dorm-PC2, request new TCP/IP information from the router.On the Dorm-PC2 monitor, select Click to view Windows 10.Right-click Start and then select Windows PowerShell (Admin).At the PowerShell prompt, type IPconfig.Notice the connection to the 192.168.0.0 network.In the notification area of the taskbar, right-click the Network icon and select Open Network and Internet settings.The network information map should indicate an active connection to the Firewall Network and the internet. From Dorm-PC2, turn on the applicable Windows Firewalls.In Network and Internet, in the right pane, scroll down and select Windows Firewall.From the right pane, under Private network, select Turn on.From the right pane, under Public network, select Turn on. Allow the SuperBlast program through the firewall.From the Windows Security window, select Allow an app through firewall.Select Change settings.Select Allow another app to configure an exception for an uncommon program.In the Add an app dialog, select SuperBlast from the list.Select Add.For the SuperBlast program, make sure the check mark for the Public profile is not selected.Select OK.

You are logged on to your computer as Abigail Pain (apain), who is an administrator on this system. However, you think someone has learned your password. In this lab, your task is to change your password using the following information: Current password: P@ssw0rd (use a zero) New password: V3rySecure1@

Complete this lab as follows: Open the Terminal.From the Favorites bar, select Terminal. Change your password to [email protected] the Terminal's prompt, type passwd and press Enter.When prompted, enter your current password of P@ssw0rd (use a zero) and then press Enter.As you type in the password, the cursor will not move. Continue entering the password anyway.At the New password prompt, type V3rySecure1@ and then press Enter.Retype V3rySecure1@ as the new password and then press Enter.

You are the IT security administrator for a small corporate network. Your manager has received several concerning emails. He has asked you to view his email and determine whether these messages are hazardous or safe. In this lab, your task is to: Read each email and determine whether the email is legitimate. Delete any emails that are attempts at social engineering. Keep all emails that are safe.

Complete this lab as follows: Read each email and determine whether the email is legitimate. Delete any emails that are attempts at social engineering. Keep all emails that are safe. The following table list a summary of the results: EmailDiagnosisActionDescriptionMicrosoft Windows Update CenterNew Service PackPhishingDeleteNotice the various spelling errors and that the link does not direct you to a Microsoft website.Jim HawsRe: Lunch Today?Malicious AttachmentDeleteThis email appears to be from a colleague. However, why would he fail to respond to your lunch question and send you a random attachment in return?Executive RecruitingExecutive JobsWhalingDeleteWhaling uses tailored information to attack executives. Clicking the link could install malware that would capture sensitive company information.Human ResourcesEthics VideoSafeKeepWhile this email has an embedded link, it is digitally signed, so you know it actually comes from your Human Resources department. In addition, if you hover over the link, you see that it is a secure link to the corporate web server.Riverdale Estates HOAPayment PendingPhishingDeleteThis is a carefully crafted attempt to get your bank account information. Hover over the link and notice that it does not direct you to your credit union website, but to an unknown IP address instead.Grandma WhiteFW: FW: FW: Virus Attack WarningHoaxDeleteAny email that asks you to forward it to everyone you know is probably a hoax.Daisy KnudsenWeb Site UpdateSpear PhishingDeleteWhile this email appears to come from a colleague, notice that the link points to an executable file from a Russian domain name. This probably is not a message a real colleague would send. This file will likely infect the computer with malware.Rachelle HancockWow!!Malicious AttachmentDeleteEmails with attachments from random people who address you as "Dear Friend" are probably not safe.Grandma WhiteFree Airline TicketsHoaxDeleteAny email that asks you to forward it to everyone you know is probably a hoax, even if the contents promise you a prize. In addition, there is no way to know how many people the email has been forwarded to.Human ResourcesIMPORTANT NOTICE-Action RequiredSafeKeepWhile this email appears very urgent, it doesn't ask you to click on anything or run any attachments. It does inform you that you need to go a website that you should already know and make sure your courses are complete.Activities CommitteePumpkin ContestSafeKeepThis email doesn't ask you to click on anything or run any attachments.Bob AverezPresentationSafeKeepThis email doesn't ask you to click on anything or run any attachments.

You are the IT administrator for a small corporate network. The receptionist, Maggie Brown, uses an iPad to manage employee schedules and messages. On the device, her email settings are configured to communicate with an IMAP mail server over the unsecure port 143. Maggie also needs to use a new password to connect to the wireless network named CorpNet. In this lab, your task is to: Change Maggie Brown's Gmail account ([email protected]) setting to use SSL.Use server port 993. Connect Maggie to the CorpNet Wi-Fi.Use @CorpNetWeRSecure!& as the password.

Complete this lab as follows: Set the email account to use SSL and the secure port 993.Select Settings.From the left menu, select Accounts & Passwords. (You may need to scroll down to see this option.)Under Accounts & Passwords, select Gmail.Under Gmail, select [email protected] Advanced.Slide the button to enable Use SSL.Make sure the server port is set to 993.At the top, select Account.Click Done. Connect to CorpNet Wi-Fi.From the left menu, select Wi-Fi.Select CorpNet.In the Password field, enter @CorpNetWeRSecure!& as the password.Select Join.

You are the IT security administrator for a small corporate network. You need to increase the security on the switch in the Networking Closet. The following table lists the used and unused ports: Unused PortsUsed PortsGE2GE7GE9-GE20GE25GE27-GE28GE1GE3-GE6GE8GE21-GE24GE26 In this lab, your task is to: Shut down the unused ports. Configure the following Port Security settings for the used ports:Interface Status: LockLearning Mode: Classic LockAction on Violation: Discard

Complete this lab as follows: Shut down the unused ports.Under Initial Setup, select Configure Port Settings.Select the GE2 port.Scroll down and select Edit.For Administrative Status, select Down.Scroll down and select Apply.Select Close.With the GE2 port selected, scroll down and select Copy Settings.In the Copy configuration field, enter the remaining unused ports. Use the examples shown in the UI as a guide.Select Apply.From the Port Setting Table in the Port Status column, you can see that all the ports are down now. Configure the Port Security settings.From the left menu, expand and select Security > Port Security.Select the GE1 port.Scroll down and select Edit.For Interface Status, select Lock.For Learning Mode, make sure Classic Lock is selected.For Action on Violation, make sure Discard is selected.Select Apply.Select Close.Scroll down and select Copy Settings.Enter the remaining used ports. Use the examples shown in the UI as a guide.Select Apply.

You are the IT administrator for a small corporate network. To be more proactive in your defense against potential attacks, you want to save the system logs being captured by the pfSense firewall. In this lab, your task is to: Sign in to pfSense using:Username: adminPassword: P@ssw0rd (zero) Configure the general system logs to:Only show 25 logs at a time.Have a maximum log file size of 250000 bytes. Enable and configure remote system logging using the following instructions:Save the log files on CorpSever (192.168.0.10).Only forward system and firewall events. Answer the questions.

Complete this lab as follows: Sign in to the pfSense Management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Access the system log settings.From the pfSense menu bar, select Status > System Logs.From the top right, select Answer Questions.Answer Question 1. Configure the general logging options.Under the Status breadcrumb, select Settings.Set the GUI Log Entries field to 25 to show only 25 logs at a time in the GUI.Set the Log file size field to 250000 bytes (250 KB) to set the maximum size of each log file. Configure remote logging.Scroll to the bottom and, under Remote Logging Options, select Enable Remote Logging.Make sure the options are set as follows:Source address: Default (any)IP protocol: IPv4Remote log servers: 192.168.0.10For Remote Syslog Contents, select the following:System EventsFirewall EventsSelect Save. View the results of the changes made to the number of logs shown.Under the Status breadcrumb, select System.Answer Question 2.Select Score Lab.

You have been hired by a small hotel to configure how their guests access the internet. You have chosen to use pfSense's Captive Portal feature. Guests must pass through this portal to access the internet. In this lab, your task is to: Access the pfSense management console.Username: adminPassword: P@ssw0rd (zero) Add a Captive Portal zone named Guest_WiFi.Use the description Zone used for the guest Wi-Fi. Using the GuestWi-Fi interface, configure your portal as follows:Allow a maximum of 100 concurrent connections.Disconnect a user from the internet if their connection is inactive for 30 minutes.Disconnect a user from the internet after two hours regardless of activity.Limit users' download and upload speeds to 8000 and 2500 Kbit/s, respectively.Force users to pass through your portal prior to authentication. Allow the following MAC and IP address to pass through the portal:MAC: 00:00:1B:12:34:56IP: 198.28.1.100/16Give the IP address the description Admin's Laptop.

Complete this lab as follows: Sign in to the pfSense management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Add a Captive Portal zone.From the pfSense menu bar, select Services > Captive Portal.Select Add.For Zone name, enter Guest_WiFi.For Zone description, enter Zone used for the guest Wi-Fi.Select Save & Continue. Enable and configure the Captive Portal.Under Captive Portal Configuration, select Enable.For Interfaces, select GuestWi-Fi.For Maximum concurrent connections, select 100.For Idle timeout, enter 30.For Hard timeout, enter 120.Scroll down and select Per-user bandwidth restriction.For Default download (Kbit/s), enter 8000.For Default upload (Kbit/s), enter 2500.Under Authentication, use the drop-down menu to select None, don't authenticate users.Scroll to the bottom and select Save. Allow a MAC address to pass through the portal.From the Captive Portal page, select the Edit Zone icon (pencil).Under the Services breadcrumb, select MACs.Select Add.Make sure the Action field is set to Pass.For Mac Address, enter 00:00:1B:12:34:56.Select Save. Allow an IP address to pass through the portal.Under the Services breadcrumb, select Allowed IP Addresses.Select Add.For IP Address, enter 198.28.1.100.Use the IP address drop-down menu to select 16. This sets the subnet mask to 255.255.0.0.For the Description field, enter Admin's Laptop.Make sure Direction is set to Both.Select Save.

You are the security analyst for a small corporate network. You recently placed a web server in a screened subnet, or demilitarized zone (DMZ). You need to configure the perimeter firewall on the network security appliance (pfSense) to allow access to the web server from the LAN and from the WAN. You also want to allow all traffic from the LAN network to the DMZ network. In this lab, your task is to perform the following: Access the pfSense management console:Username: adminPassword: P@ssw0rd (zero) Add an HTTP firewall rule that allows traffic from the WAN to the web server in the DMZ. Add an HTTPS firewall rule that allows traffic from the WAN to the web server in the DMZ.Use the following table for the HTTP and HTTPS rules:ParameterSettingSourceWANSource and destination port/serviceHTTP (80), HTTPS (443)DestinationA single hostIP address for host172.16.1.5DescriptionsFor HTTP: HTTP to DMZ from WANFor HTTPS: HTTPS to DMZ from WAN Add a firewall rule that allows all traffic from the LAN network to the DMZ network. Use LAN to DMZ Any as the description.

Complete this lab as follows: Sign in to the pfSense management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Create and configure a firewall rule to pass HTTP traffic from the internet to the web server.From the pfSense menu bar, select Firewall > Rules.Under the Firewall breadcrumb, select DMZ.Select Add (either one).Make sure Action is set to Pass.Under Source, use the drop-down menu to select WAN net.Select Display Advanced.For Source Port Range, use the From drop-down menu to select HTTP (80).Under Destination, use the Destination drop-down menu to select Single host or alias.In the Destination Address field, enter 172.16.1.5Using the Destination Port Range drop-down menu, select HTTP (80).Under Extra Options, in the Description field, enter HTTP to DMZ from WAN.Select Save.Select Apply Changes. Create and configure a firewall rule to pass HTTPS traffic from the internet to the web server.For the rule just created, select the Copy icon (two files).Under Source, select Display Advanced.Change the Source Port Range to HTTPS (443).Under Destination, change the Destination Port Range to HTTPS (443).Under Extra Options, change the Description field to HTTPS to DMZ from WANSelect Save.Select Apply Changes. Create and configure a firewall rule to pass all traffic from the LAN network to the DMZ network.Select Add (either one).Make sure Action is set to Pass.For Interface, use the drop-down menu to select LAN.For Protocol, use the drop-down menu to select Any.Under Source, use the drop-down menu to select LAN net.Under Destination, use the drop-down menu to select DMZ net.Under Extra Options, in the Description field, enter LAN to DMZ Any.Select Save.Select Apply Changes.

You work as the IT security administrator for a small corporate network. Occasionally, you and your co-administrators need to access internal resources when you are away from the office. You would like to set up a Remote Access VPN using pfSense to allow secure access. In this lab, your task is to use the pfSense wizard to create and configure an OpenVPN Remote Access server using the following guidelines: Sign in to pfSense using:Username: adminPassword: P@ssw0rd (zero) Create a new certificate authority certificate using the following settings:Name: CorpNet-CACountry Code: GBState: CambridgeshireCity: WoodwaltonOrganization: CorpNet Create a new server certificate using the following settings:Name: CorpNetCountry Code: GBState: CambridgeshireCity: Woodwalton Configure the VPN server using the following settings:Interface: WANProtocol: UDP on IPv4 onlyDescription: CorpNet-VPNTunnel network IP: 198.28.20.0/24Local network IP: 198.28.56.18/24Concurrent Connections: 4DNS Server 1: 198.28.56.1 Configure the following:A firewall ruleAn OpenVPN rule Set the OpenVPN server just created to Remote Access (User Auth). Create and configure the following standard remote VPN users:UsernamePasswordFull NameblindleyL3tM31nNowBrian LindleyjphillipsL3tM31nTooJacob Phillips

Complete this lab as follows: Sign in to the pfSense management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Start the VPN wizard and select the authentication backend type.From the pfSense menu bar, select VPN > OpenVPN.From the breadcrumb, select Wizards.Under Select an Authentication Backend Type, make sure Local User Access is selected.Select Next. Create a new certificate authority certificate.For Descriptive Name, enter CorpNet-CA.For Country Code, enter GB.For State, enter Cambridgeshire.For City, enter Woodwalton.For Organization, enter CorpNet.Select Add new CA. Create a new server certificate.For Descriptive Name, enter CorpNet.Verify that all of the previous changes (Country Code, State/Providence, and City) are the same.Use all other default settings.Select Create new Certificate. Configure the VPN server.Under General OpenVPN Server Information:Use the Interface drop-down menu to select WAN.Verify that the Protocol is set to UDP on IPv4 only.For Description, enter CorpNet-VPN.Under Tunnel Settings:For Tunnel Network, enter 198.28.20.0/24.For Local Network, enter 198.28.56.18/24.For Concurrent Connections, enter 4.Under Client Settings, in DNS Server1, enter 198.28.56.1.Select Next. Configure the firewall rules.Under Traffic from clients to server, select Firewall Rule.Under Traffic from clients through VPN, select OpenVPN rule.Select Next.Select Finish. Set the OpenVPN server just created to Remote Access (User Auth).For the WAN interface, select the Edit Server icon (pencil).For Server mode, use the drop-down and select Remote Access (User Auth).Scroll to the bottom and select Save. Configure the following Standard VPN users.From the pfSense menu bar, select System > User Manager.Select Add.Configure the User Properties as follows:Username: UsernamePassword: PasswordFull name: FullnameScroll to the bottom and select Save.Repeat steps 8b-8d to create the remaining VPN users.

You are the IT administrator for a small corporate network. You want to make a web server that runs services accessible from the internet. To help protect your company, you want to place this server and other devices in a screened subnet, or demilitarized zone (DMZ). This DMZ and server need to be protected by the pfSense Security Gateway Appliance (pfSense). Since a few of the other devices in the DMZ require an IP address, you have also decided to enable DHCP on the DMZ network. In this lab, your task is to perform the following: Access the pfSense management console:Username: adminPassword: P@ssw0rd (zero) Add a new pfSense interface that can be used for the DMZ.Use DMZ as the interface name.Use a static IPv4 address of 172.16.1.1/16. Add a firewall rule for the DMZ interface that allows all traffic from the DMZ.Use Allow DMZ to any rule as the description. Configure and enable the DHCP server for the DMZ interface.Use a range of 172.16.1.100 to 172.16.1.200.

Complete this lab as follows: Sign into the pfSense management console.Enter admin in the Username field.In the Password field, enter P@ssw0rd (0 = zero).Select SIGN IN or press Enter. Configure an interface for the DMZ.From the pfSense menu bar, select Interfaces > Assignments.Select Add.Select OPT1.Select Enable interface.Change the Description field to DMZUnder General Configuration, use the IPv4 Configuration Type drop-down menu to select Static IPv4.Under Static IPv4 Configuration, change the IPv4 Address field. to 172.16.1.1Use the Subnet mask drop-down menu to select 16.Select Save.Select Apply Changes.(Optional) Verify the change as follows:From the menu bar, select pfsense COMMUNITY EDITION.Under Interfaces, verify that the DMZ is shown with the correct IP address. Add a firewall rule to the DMZ interface that allows all traffic from the DMZ.From the pfSense menu bar, select Firewall > Rules.Under the Firewall breadcrumb, select DMZ. (Notice that no rules have been created.)Select Add (either one).For the Action field, make sure Pass is selected.For the Interface field, make sure DMZ is selected.For the Protocol, use the drop-down menu to select Any.Under Source, use the drop-down menu to select DMZ net.Under Destination, make sure it is configured for any.Under Extra Options, enter Allow DMZ to any rule as the description.Scroll to the bottom and select Save.Select Apply Changes. Configure pfSense's DHCP server for the DMZ interface.From the menu bar, select Services > DHCP Server.Under the Services breadcrumb, select DMZ.Select Enable to enable DHCP server on the DMZ interface.Configure the Range field as follows:From: 172.16.1.100To: 172.16.1.200Scroll to the bottom and select Save.

You are the IT security administrator for a small corporate network. You believe a hacker has penetrated your network and is infiltrating it using ARP poisoning. In this lab, your task is to discover whether ARP poisoning is taking place as follows: Use Wireshark to capture packets on the enp2s0 interface for five seconds. Analyze the Wireshark packets to determine whether ARP poisoning is taking place.Use the 192.168.0.2 IP address to help make your determination. Answer the questions.

Complete this lab as follows: Use Wireshark to capture packets on the enp2s0 interface for five seconds.From the Favorites bar, select Wireshark.Maximize the window for easier viewing.Under Capture, select enp2s0.Select the blue fin to begin a Wireshark capture.After capturing packets for five seconds, select the red box to stop the Wireshark capture. Analyze the Wireshark packets to determine whether ARP poisoning is taking place.In the Apply a display filter field, type arp and press Enter to only show ARP packets.In the Info column, look for lines containing the 192.168.0.2 IP address.From the top right, select Answer Questions.Answer the questions.Select Score Lab.

You have been asked to perform administrative tasks for a computer that is not a member of a domain. To increase security and prevent unauthorized access to the computer, you need to configure specific password and account lockout policies. In this lab, your task is to use the Local Security Policy to configure the following password and account lockout policies: Configure password settings so that the user must:Cycle through 10 passwords before reusing an old one.Change the password every 90 days.Keep the password at least 14 days.Create a password at least 8 characters long.Create a password that meets complexity requirements, such as using uppercase letters, lowercase letters, numbers, or symbols. Configure the account lockout policy to: Lock out any user who enters 5 incorrect passwords. Unlock an account automatically after 60 minutes. Configure the number of minutes that must elapse after a failed logon attempt to 10 minutes.

Complete this lab as follows: Using Windows Administrative Tools, access the Local Security Policy.Select Start.Locate and expand Windows Administrative Tools.Select Local Security Policy.Maximize the window for easier viewing. Configure the password policies.From the left pane, expand Account Policies and then select Password Policy.From the center pane, expand the Policy column for better viewing.Double-click the policy to be configured.Configure the policy settings.Click OK.Repeat steps 2c-2e to configure the additional password policies. Configure the account lockout policies.From the left pane, select Account Lockout Policy.From the center pane, expand the Policy column.Double-click the policy to be configured.Configure the policy settings (as needed, answer any prompts shown).Click OK.Repeat steps 3c-3e to configure the additional lockout policies.

You are the IT security administrator for a small corporate network. You have had problems with users installing remote access services, like Remote Desktop Services and VNC Server. You need to find, stop, and disable these services on all computers running them. In this lab, your task is to: Use Zenmap to run a scan on the 192.168.0.0/24 network to look for the following open ports:Port 3389 - Remote Desktop Services (TermServices).Port 5900 - VNC Server (vncserver).Answer Questions 1 and 2. Disable and stop the services for the open ports found running on the applicable computers.Use the following table to identify the computers: IP AddressComputer Name192.168.0.30Exec192.168.0.31ITAdmin192.168.0.32Gst-Lap192.168.0.33Office1192.168.0.34Office2192.168.0.45Support192.168.0.46IT-Laptop

Complete this lab as follows: Using Zenmap, scan the network for open remote access ports.From the Favorites bar, select Zenmap.Maximize the windows for better viewing.In the Command field, use nmap -p [port number] 192.168.0.0/24 to scan the port.Select Scan (or press Enter) to scan the subnet for a given service.Using the table in the scenario, identify the computer(s) with the open port using the IP address found.From the top right, select Answer Questions.Answer Question 1.Repeat steps 1c-1e and then answer Question 2. For computers that have a remote access service port open, disable and then stop the applicable service from running.From the top left, select Floor 1 Overview.Select the computer with the remote access service port open. If needed, minimize or move the Lab Questions dialog.Right-click Start and select Computer Management.From the left pane, expand and select Services and Applications > Services.Maximize the window for better viewing.Double-click the service (Remote Desktop Services or VNC Server) that needs to be stopped.Using the Startup type drop-down menu, select Disabled.Under Service status, select Stop.Select OK.Repeat step 2a-2i.From the top right, select Answer Questions.Select Score Lab.

You work as the IT security administrator for a small corporate network. You recently set up the Remote Access VPN feature on your network security appliance to provide you and your fellow administrators with secure access to your network. You are currently at home and would like to connect your iPad to the VPN. Your iPad is connected to your home wireless network. In this lab, your task is to: Add an L2TP VPN connection using the following values:ParameterValueDescriptionCorpNetVPNServer198.28.56.22AccountmbrownSecret1a!2b@3c#4d$ Turn on the VPN. Verify that a connection is established. The password for mbrown is L3tM31nN0w (0 = zero).

Complete this lab as follows: Verify your connection to the Home-Wireless network.Select Settings.Select Wi-Fi.Verify that you are connected to the Home-Wireless network. Configure the IPSec VPN.From the left menu, select General.Scroll down and select VPN.Select Add VPN Configuration.Make sure L2TP is selected.Configure the VPN connection as follows:Description: CorpNetVPNServer: 198.28.56.22Account: mbrownSecret: 1a!2b@3c#4d$Select Save. Turn on the VPN.Under VPN Configuration, for Not Connected, slide the button to ON.Enter L3tM31nN0w (0 = zero) as the password.Select OK.

You are a network technician for a small corporate network. You would like to take advantage of the self-healing features provided by the small enterprise wireless solution you have implemented. You are already logged in as WxAdmin on the Wireless Controller console from ITAdmin. In this lab, your task is to perform the following: Configure self-healing on the wireless network.Automatically adjust AP radio power to optimize coverage when interference is present.Set the 2.4GHz and 5GHz radio channels to use the Background Scanning method to adjust for interference. Configure the background scanning needed for rogue device detection, AP locationing, and self-healing. Background scans should be performed on all radios every 30 seconds. Configure load balancing for all radios by adjusting the threshold to 40dB. Configure band balancing to allow 30% of clients to use the 2.4GHz radios. Reduce the power levels to -3dB for three access points in Building A to reduce RF emanations. Use the wireless survey results in the exhibit to identify the access points.

EXPLANATION Configure your wireless access points as follows: Configure Self Healing on the wireless network.From the Ruckus ZoneDirector, select the Configure tab.From the left menu, select Services.Under Self Healing, select Automatically adjust AP radio power to optimize coverage when interference is present.Use the Automatically adjust 2.4GHz channels using drop-down arrow to select Background Scanning.Use the Automatically adjust 5GHz channels using drop-down arrow to select Background Scanning.On the right, select Apply (in the Self Healing pane). Configure Background Scanning.Under Background Scanning, select Run a background scan on 2.4GHz radio.Enter 30 seconds.Select Run a background scan on 5GHz radio.Enter 30 seconds.On the right, select Apply. Configure Load Balancing.Under Load Balancing, select Run load balancing on 2.4GHz radio.In the Adjacent radio threshold(dB) field, enter 40.Select Run load balancing on 5GHz radio.In the Adjacent radio threshold(dB) field, enter 40.On the right, select Apply. Configure Band Balancing.Under Band Balancing, select Percent of clients on 2.4GHz radio.Enter 30.On the right, select Apply. Adjust the AP Power Level.From the left menu, select Access Points.From the top right, select Exhibit to determine which access points to adjust; then close the exhibit.Under Access Points, select Edit next to the access point to be modified.Under Radio B/G/N(2.4G) next to TX Power, make sure Override Group Config is selected.From the TX Power drop-down list, select -3dB (1/2).Under Radio A/N/AC(5G) next to TX Power, make sure Override Group Config is selected.From the TX Power drop-down list, select -3dB (1/2).Select OK.Repeat steps 5b - 5f for additional access points.