Test Out Network Pro Labs
4.3.8 Create DHCP Client Reservations Listen to simulation instructions You have several printers on Subnet1 that need static IP addresses assigned. In this lab, your task is to configure new reserved clients for each printer using the following steps: Use the CorpDHCP server, a virtual machine running on CorpServer. Configure the IPv4 scope. Use the following reservation information:
Access the CorpDCHP virtual server.From Hyper-V Manager, select CORPSERVER.Maximize the Hyper-V Manager window to view the available server.Double-click CorpDCHP to connect to the server. Configure the IP address.From Server Manager, select Tools > DHCP.From the left pane, expand CorpDHCP.CorpNet.local > IPv4 > Scope [192.168.0.1] Subnet1.Right-click Reservations and select New Reservation.In the Reservation name field, enter a reservation name.In the IP address field, enter the IP address.In the MAC address field, enter the MAC address.Under Supported types, select DHCP only (as needed).Select Add to create the client reservation.Select Yes to the DHCP prompt.Repeat steps 2d-2h for additional reservations.Select Close.
4.3.6 Configure DHCP Options You have just configured a scope on the CorpDHCP server to service the 192.168.0.0/24 subnet. You need to configure additional TCP/IP parameters for all clients serviced by the CorpDHCP server. In this lab, your task is to: Configure the following DHCP options for the CorpDHCP server (not on the Subnet1 scope):006 DNS Servers (in the following order).192.168.0.11192.168.10.11015 DNS Domain Name: CorpNet.local Configure Subnet1 scope options as follows:003 Router (default gateway) as 192.168.0.5
Access the CorpDCHP virtual server.From Hyper-V Manager, select CORPSERVER.Maximize the Hyper-V Manager window to view the available server.Right-click CorpDCHP and select Connect. Configure the DHCP server options.From Server Manager, select Tools > DHCP.Maximize the DHCP window for better viewing.Expand CorpDHCP.CorpNet.local > IPv4.Right-click Server Options and select Configure Options.Under Available Options, select the 006 DNS Servers.Under IP Address, enter 192.168.0.11.Select Add to add the IP address to the list.Under IP Address, enter the second 192.168.10.11 and then select Add.Scroll down and select 015 DNS Domain Name.In the String value field, enter CorpNet.local.Select OK to save the options you have defined. Configure DHCP scope options.Expand Scope [192.168.0.1] Subnet1.Right-click Scope Options and select Configure Options.Under Available Options, select the 003 Router.Under IP address, enter 192.168.0.5.Select Add to add the IP address to the list.Select OK to save the options you have defined.
4.3.4 Configure a DHCP server You are a network technician for a small corporate network. You want to use DHCP to provide TCP/IP address information to the workstations in the network. You already have a Windows Server 2019 server named CorpDHCP installed and running as a guest on CorpServer. You have installed the DHCP server role, and now you are ready to configure an IPv4 scope. In this lab, your task is to complete the following: On the CorpDHCP server (running as a guest on CorpServer), create a DHCP IPv4 scope with the following parameters:Scope name: Subnet1Address range: 192.168.0.20 to 192.168.0.200Length: 24Subnet mask: 255.255.255.0Exclusions and delays: Do not setLease duration: Accept the default durationScope option for the router (default gateway): 192.168.0.5Parent domain: Accept the defaultScope option for DNS servers: 163.128.78.93WINS Servers: Do not set On CorpDHCP, activate the Subnet1 scope. On Gst-Lap in the Lobby, confirm the DHCP scope settings by configuring the local area connection to obtain its IP and DNS addresses automatically from the DHCP server.
Access the CorpDHCP Hyper-V server.From Hyper-V Manager, select CORPSERVER.Resize the window to view all virtual machines.Double-click CorpDHCP to access the server. Access the DHCP New Scope Wizard.From Server Manager's menu bar, select Tools > DHCP.Expand CorpDHCP.CorpNet.local.Right-click IPv4 and select New Scope. Name the scope and configure the IP address range.From the New Scope Wizard, select Next.In the Name field, enter Subnet1 and then select Next.In the Start IP address field, enter 192.168.0.20.In the End IP address field, enter 192.168.0.200.Make sure the length is set to 24.Make sure the subnet mask is 255.255.255.0 and then select Next.From the Add Exclusions and Delay window, select Next.Use the default lease duration and select Next.Make sure Yes, I want to configure these options now is selected and then select Next. Configure the default gateway and DNS server.In the IP address field, enter the default gateway address of 192.168.0.5.Select Add and then select Next.In the IP address field, enter the DNS server address of 163.128.78.93.Select Add and then select Next.From the WINS Servers window, select Next. Activate the scope just created.Make sure Yes, I want to activate this scope now is selected and then select Next.Click Finish to close the wizard and create the scope. Configure the laptop in the Lobby to obtain IP and DNS addresses automatically from the DHCP server.From the top left, select Floor 1 Overview.Under Lobby, select Gst-Lap.In the notification area, right-click the Network icon and select Open Network and Internet settings.From the left pane, select Ethernet.From the right pane, select Change adapter options.Right-click Ethernet and then select Properties.Select Internet Protocol Version 4 (TCP/IPv4) and then click Properties.Select Obtain an IP address automatically.Select Obtain DNS server address automatically.Select OK.Click Close to close Ethernet Properties.
4.3.7 Create DHCP Exclusions You have just configured a scope on the CorpDHCP server to service the 192.168.0.0/24 subnet. You defined a scope to distribute IP addresses between 192.168.0.1 and 192.168.0.254. In this lab, your task is to: Prevent the DHCP server from assigning addresses to the servers and network devices.Use an exclusion range of 192.168.0.1 to 192.168.0.29.
Access the CorpDHCP Hyper-V server.From Hyper-V Manager, select CORPSERVER.Resize the window to view all virtual machines.Double-click CorpDHCP to access the server. Exclude the IP address range.From Server Manager's menu bar, select Tools > DHCP.Expand CorpDHCP.CorpNet.local > IPv4 > Scope.Right-click the Address Pool node and select New Exclusion Range.In the Start IP address field, enter 192.168.0.1.In the End IP address field, enter 192.168.0.29.Click Add.Click Close to close the Add Exclusion Range dialog.
You are a network technician for a small corporate network. The network is connected to the internet and uses DHCP for address assignments. The owner of the company in the Executive Office and a temporary employee in the IT Administrator office both report that their workstations can communicate with some computers on the network, but cannot access the internet. You need to diagnose and fix the problem. While completing this lab, use the following IP addresses: Computer NameIP AddressCorpServer192.168.0.10(Unknown)198.28.2.254(the ISP)ITAdmin(Unknown)Exec(Unknown) In this lab, your task is to complete the following: To help troubleshoot the issue, use:The ping, ipconfig, and tracert commands from the above computers.The DHCP server console in the Windows Server 2019 operating system, which is running as a VM on the CorpServer computer. Fix the problem at the workstation, the DHCP server, or both as necessary. Use the troubleshooting tools to confirm the resolution of the problem.
Access the CorpDHCP virtual server. From the top left, select Floor 1 Overview. Under Networking Closet, select CorpServer. From Hyper-V Manager, select CORPSERVER. Maximize the window to view all virtual machines. Double-click CorpDHCP to connect to the server. Confirm that the DHCP service is enabled and activated for the local network. From Server Manager, select Tools > DHCP to start the DHCP console. Maximize the window for better viewing. Expand CorpDHCP.CorpNet.local > IPv4.The down arrow for Scope [192.168.0.1] Subnet1 indicates that the scope is not active. Right-click Scope [192.168.0.1] Subnet1 and select Activate.The down arrow for the scope is gone, and the DHCP service for the local network is now active. Verify the fix by viewing the IP information for Exec and using the ping command. From the top left, select Floor 1 Overview. Under Executive Office, select Exec. From the PowerShell prompt, type ipconfig /all and press Enter to check the Ethernet configuration.Notice the lines for the default gateway, DNS server, and DHCP server are now configured, along with a new IP address within the DHCP scope for the local network. From the PowerShell prompt, type ping 198.28.2.254 and press Enter.Notice that the ping to the ISP succeeds. From the PowerShell prompt, type tracert 198.28.2.254 and press Enter. (Optional) Repeat step 3 for the ITAdmin computer. From the top right, select Answer Questions. Select Score Lab.
4.1.12 Configure IP Address on mobile devices: You work as the IT administrator for a small corporate network. An employee requires an IP for her work assignments. However, the DHCP server is unable to automatically issue the IP configuration. In this lab, your task is to: Configure a static IP address on the iPad using the following settings:IP address: 192.168.0.85Subnet mask: 255.255.255.0Default gateway: 192.168.0.5DNS: 192.168.0.11 Join the iPad to the CorpNet network.Use @CorpNetWeRSecure!& as the password.
Access the iPad IP address settings dialog.Select Settings.Select Wi-Fi.Under Choose A Network, for CorpNet, select the information icon (i).Configure a static IP address.From the right pane, select Static.Configure the IP information as follows:IP address: 192.168.0.85Subnet mask: 255.255.255.0Router (default gateway): 192.168.0.5DNS: 192.168.0.11Join the iPad to the CorpNet network.Select Join Network.In the Password field, type: @CorpNetWeRSecure!&Select Join.
4.1.11 Configure IP Addresses You work as the IT administrator for a small corporate network. You need to configure the workstation in the executive office so it can connect to the local network and the internet. The workstation has two network interface cards (named Ethernet and Ethernet 2). Having two network cards allows the workstation to connect to the local network (as shown in the exhibits) and another small network, which is not yet built. In this lab, your task is to complete the following: For both network cards, configure the IP version 4 TCP/IP settings using the settings specified the table below. From the Exec computer, ping the preferred DNS server assigned to the Ethernet NIC to verify that it can communicate successfully.
Access the properties for the NIC named Ethernet. Right-click Start and then select Settings. Select Network & Internet. From the right pane, select Change adapter options. Right-click Ethernet and then select Properties. Configure the IP version 4 TCP/IP settings for the Ethernet NIC. Select Internet Protocol Version 4 (TCP/IPv4). Select Properties. Make sure Use the following IP address is selected. This lets you manually configure the IP address and default gateway. Configure the Internet Protocol information as follows: IP address: 192.168.0.254 Subnet mask: 255.255.255.0 Default gateway: 192.168.0.5 Preferred DNS server: 163.128.78.93 or 163.128.80.93 Select OK. Select Close. Configure the IP version 4 TCP/IP settings for the Ethernet 2 NIC. From the Network Connections window, right-click Ethernet 2 and then select Properties. Select Internet Protocol Version 4 (TCP/IPv4). Select Properties. Make sure Use the following IP address is selected. Configure the Internet Protocol information as follows: IP address: 10.0.255.254 Subnet mask: 255.255.0.0 Default gateway: None Preferred DNS server: None Select OK. Select Close. Ping the preferred DNS server assigned to the Ethernet NIC. Right-click Start and select Windows PowerShell. From the PowerShell prompt, type ping default_preferred_DNS_Server_address and then press Enter.
4.4.4 Configure a DHCP Relay Agent You just installed DHCP service on the CorpDHCP server. You configured two scopes. The scope for Building A (Subnet1) is configured on the 192.168.0.0 network. The scope for Building B (Subnet2) is configured on the 192.168.10.0 network. After activating the scopes, you find that clients on Subnet1 receive IP addressing information from the DHCP server, but clients on Subnet2 have IP addresses in the 169.254.0.0/16 range. You realize that DHCP messages are not being forwarded through the router. In this lab, your task is to: Use Routing and Remote Access to configure CorpServer2 as a DHCP relay agent by performing the following:Add the DHCP relay agent routing protocol.Add NetTeam as a DHCP relay agent interface.Set the boot threshold to 0.Configure the DHCP relay agent properties to identify 192.168.0.14 as the DHCP server. Renew the TCP/IP information on Exec2 (the client machine in Building B). Verify that Exec2 has a network connection..
Add the DHCP relay agent routing protocol.From Server Manager, select Tools > Routing and Remote Access.Expand IPv4.Right-click General and select New Routing Protocol.Select DHCP Relay Agent and then select OK. Add and configure a relay agent interface.From the left pane, right-click DHCP Relay Agent and select New Interface.Select NetTeam and then select OK.Make sure Relay DHCP packets is selected.Set the boot threshold to 0 (zero).Select OK. Configure the DHCP relay agent properties to identify the DHCP server.Right-click DHCP Relay Agent and select Properties.In the Server address field, enter 192.168.0.14 (the IP address of the DHCP server).Select Add and then select OK. Renew the TCP/IP address and verify the connection.From the top left, select Floor 1.Under Manager Office, select Exec2.Right-click Start and select Windows PowerShell (Admin).In PowerShell, type ipconfig. Notice that the current IP address is on the 169.254.0.0 network.In PowerShell, type ipconfig /renew and then press Enter.The computer should receive an address on the 192.168.10.0 network.From the taskbar, select the network icon to view the connection status.
Listen to simulation instructions You just installed a new switch, and you want to manage the switch from a remote location. In this lab, your task is to set up remote management for the switch as follows: Configure the IP address and subnet mask for the VLAN 1 interface:IP address: 192.168.11.250Subnet mask: 255.255.255.0 Configure the switch to use the default gateways of 192.168.11.254 Verify the configurations using the show run command. Save your changes to the startup-config file.
Complete this lab as follows: Configure the IP address and subnet mask for the VLAN 1 interface.Select Switch.From the switch terminal, press Enter to get started.At the Switch> prompt, type enable and press Enter.At the Switch# prompt, type configure terminal and press Enter.At the Switch(config)# prompt, type interface vlan1 and press Enter.At the Switch(config-if)# prompt, type ip address 192.168.11.250 255.255.255.0 and press Enter.Type exit and press Enter. Configure the default gateway.At the Switch(config)# prompt, type ip default-gateway 192.168.11.254 and press Enter.At the prompt, type exit and press Enter. Verify the configuration changes.At the prompt, type show run and press Enter.Press the space bar as needed to verify that the correct changes were made.Type any key to exit show command. Save your changes to the startup-config file.At the Switch# prompt, type copy run start and press Enter.Press Enter to begin building the configuration.Press Enter to return to the prompt.
You are the network administrator for a small corporate network. While working on your Linux server, you have determined that you need to enable and disable a few services. In this lab, your task is to: Use the systemctl command to enable anaconda.service. Use the systemctl command to disable vmtoolsd.service. After each command, check the service status with the systemctl is-enabled command.
Complete this lab as follows: Enable the Anaconda service.From the Favorites bar, select Terminal.At the Terminal prompt, type systemctl enable anaconda.service and then press Enter.Type systemctl is-enabled anaconda.service and then press Enter to check the service's status. Disable the VMware Tools service.Type systemctl disable vmtoolsd.service and press Enter.Type systemctl is-enabled vmtoolsd.service and press Enter to check the service's status.
Pascal Bullock (pbullock) forgot her password and needs access to the resources on her computer. You are logged on as Sydney Hoffer. The password for the root account is P@ssw0rd (use a zero). In this lab, your task is to: Find Sydney Hoffer's username. Change the password for the pbullock user account to 1234asdf. Make sure the password is encrypted in the shadow file. Answer the question.
Correct answer:shoffer Change Pascal Bullock's password EXPLANATION Complete this lab as follows: Find your username.From the Favorites bar, select Terminal.Type whoami at the prompt.From the top right, select Answer Questions.Answer the question. Change Pascal Bullock's password.At the prompt, type su -c "passwd pbullock" and then press Enter.Type P@ssw0rd and then press Enter.This is the password for the root user.At the New password prompt, type 1234asdf and then press Enter.This is the new password for the schawla user account.At the Retype new password prompt, type 1234asdf and then press Enter.Select Score Lab.
Previous Resource7.4.9 Secure Access to a SwitchNext Resource Previous Resource Navigate to topNext Resource Listen to simulation instructions You are the IT security administrator for a small corporate network. You need to increase the security on the switch in the Networking Closet by restricting access management. In this lab, your task is to: Create an access profile named MgtAccess and configure it with the following settings:SettingValueAccess Profile NameMgtAccessRule Priority1Management MethodAllActionDenyApplies to InterfaceAllApplies to Source IP addressAll Add a profile rule to the MgtAccess profile with the following settings:SettingValueRule Priority2Management MethodHTTPActionPermitApplies to interfaceAllApplies to Source IP addressUser definedIP Version: Version 4IP Address: 192.168.0.10Network Mask: 255.255.255.0 Set the MgtAccess profile as the active access profile. Save the changes to the switch's startup configuration file using the default settings.
Create and configure an Access Profile named MgtAccess.From the left pane, expand and select Security > Mgmt Access Method > Access Profiles.Select Add.Enter the Access Profile Name of MgtAccess.Enter the Rule Priority of 1.For Action, select Deny.Select Apply and then select Close. Add a profile rule to the MgtAccess profile.From the left pane, under Security > Mgmt Access Method, select Profile Rules.From the right pane, select the MgtAccess profile and then select Add.Enter a Rule Priority of 2.For Management Method, select HTTP.For Applies to Source IP Address, select User Defined.For IP Address, enter 192.168.0.10.For Mask, enter a Network Mask of 255.255.255.0.Select Apply and then select Close. Set the MgtAccess profile as the active access profile.From the left pane, under Security > Mgmt Access Method, select Access Profiles.Use the Active Access Profile drop-down list to select MgtAccess.Select Apply.Select OK. Save the changes to the switch's startup configuration file.At the top, select Save.For Source File Name, make sure Running configuration is selected.For Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.
Listen to simulation instructions You have a single switch with a DHCP server connected to Fa0/24. The DHCP snooping feature is already enabled on SwitchA. Now you want to configure DHCP snooping and dynamic ARP inspection on the switch. In this lab, your task is to: Enable DHCP snooping globally on SwitchA. Enable DHCP snooping for VLAN 1.Use the Fa0/24 interface. Configure the port that the DHCP server is connected to as a trusted interface for DHCP snooping. Enable dynamic ARP inspection for VLAN 1. Save the changes to the startup-config file.
Enable DHCP snooping globally on SwitchA.Select SwitchA.In the terminal, press Enter to get started.At the SwitchA> prompt, type enable and press Enter.At the SwitchA# prompt, type config t and press Enter.At the SwitchA(config)# prompt, type ip dhcp snooping and press Enter. Enable DHCP snooping for VLAN1.At the SwitchA(config)# prompt, type ip dhcp snooping vlan 1 and press Enter.At the SwitchA(config)# prompt, type int fa0/24 and press Enter. Configure the port that the DHCP server is connected to as a trusted interface for DHCP snooping.At the SwitchA(config-if)# prompt, type ip dhcp snooping trust and press Enter.At the SwitchA(config-if)# prompt, type exit and press Enter. Enable dynamic ARP inspection for VLAN1.At the SwitchA(config)# prompt, type ip arp inspection vlan 1 and press Enter.Press Ctrl + Z. Save the changes to the startup-config file.At the SwitchA# prompt, type copy run start and press Enter.Press Enter to begin building the configuration.
You are a network technician for a small corporate network. Executives have decided to add an IP phone for guests in the Lobby and another for the company owner in the Executive Office. In this lab, your task is to complete the following: In the Lobby, complete the following:Connect the LAN port on the IP phone to the Ethernet port on the wall outlet.Plug in the IP phone using the power adapter. Connect the Exec workstation and its monitor to a surge protector. In the Executive Office, complete the following:Connect the LAN port on the IP phone to the Ethernet port on the wall outlet.Connect the PC port on the IP phone to the workstation's NIC.Plug in the IP phone using the power adapter.Confirm that the workstation is still connected to the network and the internet using the Settings app.
From the Lobby, disconnect the AC/DC adapter from the IP phone and the wall.Under Lobby, select Hardware.Above the IP phone, select Back to switch to the back view of the phone.Drag the DC power connector from the phone to the Shelf.Drag the AC power plug from the wall outlet to the Shelf.Above the IP phone, select Front to switch to the front view of the phone and confirm it is on. From the Executive Office, disconnect the AC/DC adapter from the IP phone and the wall.From the top left, select Floor 1 Overview.Under Executive Office, select Hardware.Above the IP phone, select Back to switch to the back view of the phone.Drag the DC power connector from the phone to the Shelf.Drag the AC power plug from the wall outlet to the Shelf.Above the IP phone, select Front to switch to the front view of the phone and confirm it is on. From the Support Office, connect an IP phone.From the top left, select Floor 1 Overview.Under Support Office, select Hardware.Under Shelf, expand Phones.Drag the IP Phone to the Workspace.Above the IP phone, select Back to switch to the back view of the phone.Above the workstation, select Back to switch to the back view of the workstation.Drag the RJ45 Ethernet cable from the workstation to the LAN port (top port) on the IP phone.Under Shelf, expand Cables and then select Cat5e Cable, RJ45.From the Selected Component pane:Drag an RJ45 Connector to the PC port on the phone.Drag the other unconnected RJ45 Connector to the NIC on the workstation. Make sure the Support computer is still connected to the internet.On the Support monitor, select Click to view Linux.From the favorites bar, select Terminal.From the terminal, type ping -c4 198.28.2.254 (the ISP) and press Enter.
You are the IT security administrator for a small corporate network. You need to increase the security on the switch by updating the switch's firmware. In this lab, your task is to: Import the latest firmware file found in C:\Sx300_Firmware. Change the switch's active image to the version just imported. Complete the required steps to be able to start using the new update.
Import a new firmware image for the Cisco switch.From the right pane, under Quick Access, select Upgrade Device Software.For File Name, select Choose File.Browse to and select C:\Sx300_Firmware\Sx300_FW-1.2.7.76.ros.Select Open.Select Apply.Select OK.Select Done. Change the switch's active image to 1.2.7.76.From the left pane, under Administration > File Management, select Active Image.For Active Image After Reboot, use the drop-down menu to select 1.2.7.76.Select Apply. Reboot the switch to be able to start using the new firmware.From the left pane, under Administration, select Reboot.From the right pane, select Reboot.Select OK.
4.2.4 Configure Alternate Addressing You work as the IT administrator for a small corporate network. The receptionist in your office has a laptop that runs Windows 10. He took it home and configured a static connection to his home network. When he returned to the office, he could no longer connect to the office network, which uses a DHCP server for IP address configuration. You need to configure the laptop to work on both networks (home and office). In this lab, your task is to configure the TCP/IPv4 properties for the Wi-Fi interface as follows: Verify the current state of the wireless network.Answer the question. Configure the interface to obtain its:IP address automatically.DNS server address automatically. Configure the alternate TCP/IP information using the following information:IP address: 172.16.0.12Subnet mask: 255.255.0.0Default gateway: 172.16.255.254Preferred DNS server: 198.60.22.2C
In the notification area, right-click the Network icon and select Open Network and Sharing Center.In the left pane, select Change adapter settings.Right-click Wi-Fi and select Properties.Select Internet Protocol Version 4 (TCP/IPv4).Select Properties.Select Obtain an IP address automatically.Select Obtain DNS server address automatically.Select the Alternate Configuration tab to define an alternate configuration for TCP/IP addressing.Select User configured to configure alternate IP settings.Enter the IP address.Enter the subnet mask.Enter the default gateway.Enter the preferred DNS server.Click OK.Click Close.Select the Network icon in the notification area to view the currently connected network.
You are a network technician for a small corporate network. You would like to use NTP to synchronize time on you network. You are currently logged in as the root user. On the CorpData server, your task is to: Use the dnf package manager to install the NTP service. Use the systemctl utility to verify that the NTP service is running. Answer Question 1. Find the IP address of the NTP server. Answer Question 2. On the Exec computer, your task is to: Add the NTP server as a time source using the following command:w32tm /config /manualpeerlist:[servers_ip_address],0x8 /syncfromflags:MANUAL /update Verify that the Exec computer is using the NTP server for time synchronization using the following command:w32tm /query /status
Install the NTP service on the CorpData server. Under Networking Closet, select CorpData. In the console, type dnf install ntp and then press Enter to begin the installation process. Type y and press Enter to install the NTP package. Verify that the NTP service is running. Type systemctl status ntp and press Enter. From the top left, select Answer Questions. Answer Question 1. Find the NTP server's IP address. Type ip addr show | more to view the NTP server's IP address. Answer Question 2. Add the NTP server as a time source for the Exec computer. From the top left, select Floor1. Under Executive Office, select Exec. Right-click Start and select Windows PowerShell (Admin). Configure Exec to use the NTP server with the following command: w32tm /config /manualpeerlist:192.168.0.24,0x8 /syncfromflags:MANUAL /update Verify that the Exec computer is using the NTP server for time synchronization. In the console, type w32tm /query /status and then press Enter. Select Score Lab.
Listen to simulation instructions After installing your Cisco switch, you would like to assign it a static IPv4 address and change the default VLAN used. In this lab, your task is to: Access the switch console using Google Chrome and the following information:Site: 192.168.0.2Username: ciscoPassword: cisco (case-sensitive) Configure an IPv4 static IP address for VLAN 1 using the following:IP address: 192.168.45.72Network mask: 255.255.255.0Administrative default gateway: 192.168.45.1 Change the switch's default VLAN ID to 16. Save the changes to the switch's startup configuration file. Reboot the switch.
Log in to the Cisco switch.In the Google Chrome URL field, type 192.168.0.2 and press Enter.Maximize the window for better viewing.In the Username and Password fields, enter cisco (case-sensitive).Select Log In. Assign a static IPv4 address to VLAN 1.From the left navigation pane, expand and select Administration > Management Interface > IPv4 Interface.From the right pane, for IP Address Type, select Static.Configure the IPv4 interface as follows:IP address: 192.168.45.72Mask: 255.255.255.0Administrative Default Gateway: 192.168.45.1Select Apply.Select OK.The switch will automatically log you out. Log in to the Cisco switch.In the Username and Password fields, enter cisco (case-sensitive).Select Log In. Change the default VLAN ID for the switch to VLAN 16.From the left pane, expand and select VLAN Management > Default VLAN Settings.Set Default VLAN ID After Reboot to 16.Select Apply and then select OK. Save the changes to the switch's startup configuration file.From the upper right of the switch window, select Save.For Source File Name, make sure Running configuration is selected.For Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.Select Done. Reboot the switch for changes to take effect.From the left pane, expand and select Administration > Reboot.From the right pane, select Reboot.Select OK.Wait for the switch to restart.From the upper right, select Score Lab.
As a network administrator, you have decided to implement port aggregation and combine multiple ports on your switch to increase throughput and provide redundancy with automatic fail-over and fail-back. In this lab, your task is to: Login to the Cisco switch console from Google Chrome:Username: cisco (case-sensitive))Password: cisco (case-sensitive) Create a new Link Aggregation Group (LAG1) named windows_server.Enable the Link Aggregation Control Protocol (LACP).Assign ports GE1 and GE2 as LAG members.. Configure LAG1 to the VLAN mode of access. Join LAG1 to VLAN13.. Verify the status of the new LAG1 group.Answer the questions. Save the changes to the switch's startup configuration file.
Log in to the Cisco switch.In the Username and Password fields, enter cisco (case-sensitive).Select Log In. Create a new Link Aggregation Group (LAG1).From the left pane, expand and select Port Management > Link Aggregation > LAG Management.From the right pane, select LAG 1 and then select Edit.In the LAG Name field, type windows_server.Select LACP to enable the Link Aggregation Control Protocol (LACP).Under Port List, press and hold the Shift key; then select GE1 and GE2.Select > to add the ports to the LAG Members pane.Select Apply.Select Close. Configure LAG1 to the VLAN mode of access.From the left pane, expand and select VLAN Management > Interface Settings.Using the Filter: Interface Type equals to drop-down menu, select LAG and then select Go.Select LAG1 and then select Edit.For Interface VLAN Mode, select Access.Select Apply.Select Close. Join LAG1 to VLAN13.From the left pane, expand and select VLAN Management > Port VLAN Membership.Using the Filter: Interface Type equals to drop-down menu, select LAG and then select Go.Select LAG1 and then select Join VLAN.Under Select VLAN, from the right pane, select 1U and then select < to remove VLAN1.From the left pane, select VLAN13; then select > to add the VLAN to the selected VLANs pane.Select Apply.Select Close. Verify the status of the new LAG1 group.From the left navigation bar, expand and select Port Management > Link Aggregation > LAG Management.From the top right, select Answer Questions.Answer the questions.This connection is now ready to use LACP.Minimize the Lab Questions window. Save the changes to the switch's startup configuration file.From the upper right of the switch window, select Save.For Source File Name, make sure Running configuration is selected.For Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.Select Done.From the top right, select Answer Questions.Select Score Lab.
Listen to simulation instructions As a network administrator, you need to mirror (copy) all network traffic received on a particular port on your switch so you can analyze the traffic using your intrusion detection system (IDS) for any abnormalities. In this lab, your task is to complete the following: From Google Chrome, access the switch console as follows:Site: 192.168.0.2Username: cisco (case-sensitive)Password: cisco (case-sensitive) Assign port GE26 to VLAN 1. Mirror the received traffic from port GE28 to port GE26. Save the changes to the switch's startup configuration file. Start Lab Last Score Report
Log in to the Cisco switch.Maximize the Google Chrome window for better viewing.In the Username and Password fields, enter cisco (case-sensitive).Select Log In. Assign port GE26 to VLAN 1.From the left pane, expand and select VLAN Management > Port VLAN Membership.Select GE26 and then select Join VLAN.From the left pane, under Select VLAN, select 1 (for VLAN 1).Select > to move VLAN 1 from the available pane to the attached VLAN pane.Select Apply and then select Close. Mirror the received traffic from port GE28 to port GE26.From the left pane, expand and select Administration > Diagnostics > Port and VLAN Mirroring.Select Add.For the Destination Port, use the drop-down list to select GE26.For the Source Interface, use the drop-down list to select GE28.For the Type, make sure that Rx only is selected. This allows you to only mirror the incoming packets.Select Apply and then select Close. Save the changes to the switch's startup configuration file.From the upper right of the switch window, select Save.For the Source File Name, make sure Running configuration is selected.For the Destination File Name, make sure Startup configuration is selected.Select Apply.Select OK.Select Done.
You are the security analyst for a small corporate network. You want to find specific information about the packets being exchanged on your network using Wireshark. In this lab, your task is to: Use Wireshark to capture packets from the enp2s0 interface. Use a Wireshark filter to isolate and examine packets for:All network traffic for 192.168.0.0.Answer Question 1.All network traffic for the 192.168.0.45 host.Answer Question 2.All IP traffic with a source address of 192.168.0.45.Answer Question 3.All IP traffic with a destination address of 192.168.0.45.Answer Question 4.All HTTP traffic on port 80.Answer Question 5.All packets with an Ethernet Mac address containing 11:12:13.Answer Question 6.All TCP packets that contain the word "password".Answer Question 7.
Q1What is the effect of the net 192.168.0.0 filter in Wireshark?Your answer:Correct answer:Only packets with either a source or destination address on the 192.168.0.x network are displayed. Isolate traffic with the host 192.168.0.45 filter. Q2What is the effect of the host 192.168.0.45 filter in Wireshark?Your answer:Correct answer:Only packets with 192.168.0.45 in either the source or destination address are displayed. Isolate traffic with the ip.src==192.168.0.45 filter. Q3What is the effect of the ip.src==192.168.0.45 filter in Wireshark?Your answer:Correct answer:Only packets with 192.168.0.45 in the source address are displayed. Isolate traffic with the ip.dst==192.168.0.45 filter. Q4What is the effect of the ip.dst==192.168.0.45 filter in Wireshark?Your answer:Correct answer:Only packets with 192.168.0.45 in the destination address are displayed. Isolate traffic with the tcp.port==80 filter. Q5What is the effect of the tcp.port==80 filter in Wireshark?Your answer:Correct answer:Only packets with port 80 in either the source or destination port are displayed. Isolate traffic with the eth contains 11:12:13 filter. Q6What is the effect of the eth contains 11:12:13 filter in Wireshark?Your answer:Correct answer:Only packets with 11:12:13 in either the source or destination MAC address are displayed. Isolate traffic with the tcp contains password filter. Q7What is the captured password?Your answer:Correct answer:hippophobia EXPLANATION Complete this lab as follows: Begin a Wireshark capture.From the Favorites bar, select Wireshark.Maximize the window for easier viewing.Under Capture, select enp2s0.Select the blue fin to begin a Wireshark capture. Apply the net 192.168.0.0 filter.In the Apply a display filter field, type net 192.168.0.0 and press Enter.Look at the source and destination addresses of the filtered packets.Select the red square to stop the Wireshark capture.In the top right, select Answer Questions.Answer Question 1. Apply the host 192.168.0.45 filter.Select the blue fin to begin a Wireshark capture.In the Apply a display filter field, type host 192.168.0.45 and press Enter.Look at the source and destination addresses of the filtered packets.Answer Question 2. Apply the ip.src==192.168.0.45 filt
You are the IT security administrator for a small corporate network. As a test, you want to spoof the DNS to redirect traffic as part of an on-path (man-in-the-middle) attack. To do this, you have decided to send all DNS requests for the RMK Office Supplies coming from the Exec computer to the RUS Office Supplies site. In this lab, your task is to complete the following: From the Exec computer, view normal access to the RMK Office Supplies website. From the Support computer, view the contents of the /etc/ettercap/etter.dns file to see which entry reroutes the request to the RMK Office Supplies site to the RUS Office Supplies site. Answer Question 1. Use Ettercap to configure DNS spoofing and an on-path attack using the following information:Use unified sniffing on the enp2s0 interface.Set Exec (192.168.0.30) as the target machine.Initiate DNS spoofing using an Ettercap plug-in.Initiate ARP poisoning on remote connections. From Exec, use Google Chrome to access www.rmksupplies.com and analyze the results. Answer Question 2.
Q1When a user tries to access the rmksupplies.com site, which IP address will they be redirected to?Your answer:203.12.42.54Correct answer:203.12.42.54 Use Ettercap to begin unified sniffing on the enp2s0 interface Set Exec as the target machine Initiate DNS spoofing using the Ettercap plug-in Initiate ARP poisoning on remote connections Confirm the redirection to Exec Q2Which of the following was a result of the DNS spoofing attack?Your answer:Queries to the rmksupplies.com site resulted in a prompt for a username and password.Correct answer:Queries to the rmksupplies.com site were redirected to the RUS Office Supplies site. EXPLANATION Complete this lab as follows: From Exec, view normal access to the RMK Office Supplies website.From the taskbar, select Google Chrome.In the URL field, type www.rmksupplies.com and press Enter.Notice that you are taken to the RMK Office Supplies website.Close Google Chrome. From Support, learn how Ettercap's DNS spoofing plug-in works by viewing the host file (etter.dns).From the top left, select Floor 1 Overview.Under Support Office, select Support.From the Favorites bar, select Terminal.From the Terminal prompt, type cd /etc/ettercap and then press Enter to change to the Ettercap directory.Type ls and then press Enter to view the current files.Type cat etter.dns and then press Enter to view the contents of the etter.dns file.Typing cat etter.dns | less lets you view the file one line at a time. If used, type q to end the cat command.At the bottom, locate the line that specifies where the RMK Office Supplies website will be redirected.From the top right, select Answer Questions.Answer Question 1.Minimize the Answer Questions dialog. Use Ettercap to begin unified sniffing on the enp2s0 interface.From the Favorites bar, select Ettercap.Select Sniff > Unified sniffing...From the Network Interface drop-down list, select enp2s0.Select OK. Set Exec (192.168.0.30) as the target machine.Select Hosts > Host list to view the hosts known to the tool.None are shown.Select Hosts > Scan for hosts to scan for hosts on the network.A list of hosts is shown.Under IP Address, select 192.168.0.30 (the Exec computer).Select Add to Target 1 to assign it as the target. Initiate DNS spoofing using
Listen to simulation instructions You are the IT security administrator for a small corporate network. You have had problems with users installing remote access services, like Remote Desktop Services and VNC Server. You need to find, stop, and disable these services on all computers running them. In this lab, your task is to: Use Zenmap to run a scan on the 192.168.0.0/24 network to look for the following open ports:Port 3389 - Remote Desktop Services (TermServices).Port 5900 - VNC Server (vncserver).Answer Questions 1 and 2. Disable and stop the services for the open ports found running on the applicable computers.Use the following table to identify the computers: IP AddressComputer Name192.168.0.30Exec192.168.0.31ITAdmin192.168.0.32Gst-Lap192.168.0.33Office1192.168.0.34Office2192.168.0.45Support192.168.0.46IT-Laptop
Q1Which computers have port 3389 open?Your answer:ITAdmin,Gst-LapCorrect answer:Office2 Q2Which computers have port 5900 open?Your answer:Support,IT-LaptopCorrect answer:ITAdmin Disable and stop services on port 3389 on Office2Show Details Disable and stop services on port 5900 on ITAdminShow Details EXPLANATION While completing this lab, use the following information: Ports to scan:3389 - Remote Desktop Services (TermServices)5900 - VNC Server (vncserver) Computer identification:IP AddressComputer Name192.168.0.30Exec192.168.0.31ITAdmin192.168.0.32Gst-Lap192.168.0.33Office1192.168.0.34Office2192.168.0.45Support192.168.0.46IT-Laptop Complete this lab as follows: Using Zenmap, scan the network for open remote access ports.From the Favorites bar, select Zenmap.Maximize the windows for better viewing.In the Command field, use nmap -p [port number] 192.168.0.0/24 to scan the port.Select Scan (or press Enter) to scan the subnet for a given service.Using the table in the scenario, identify the computer(s) with the open port using the IP address found.From the top right, select Answer Questions.Answer Question 1.Repeat steps 1c-1e and then answer Question 2. For computers that have a remote access service port open, disable and then stop the applicable service from running.From the top left, select Floor 1 Overview.Select the computer with the remote access service port open. If needed, minimize or move the Lab Questions dialog.Right-click Start and select Computer Management.From the left pane, expand and select Services and Applications > Services.Maximize the window for better viewing.Double-click the service (Remote Desktop Services or VNC Server) that needs to be stopped.Using the Startup type drop-down menu, select Disabled.Under Service status, select Stop.Select OK.Repeat step 2a-2i.From the top right, select Answer Questions.Select Score Lab.
In this lab, your task is to use pfSense's Snort to complete the following: Sign in to pfSense using the following:Username: adminPassword: P@ssw0rd (zero) Configure the following rules to be downloaded:Snort free registered User rulesOinkmaster code: 992acca37a4dbd7Snort GPLv2 Community rulesEmerging Threats Open rulesSourcefire OpenAppID DetectorsAPPID Open rules Configure rule updates to happen every 4 days at 12:10 a.m.Hide any deprecated rules. Block offending hosts for 1 day. Send all alerts to the system log when Snort starts and stops. Assign Snort to the WAN interface using Snort-WAN as the description.Include:Sending alerts to the system log.Automatically blocking hosts that generate a Snort alert. Start Snort on the WAN interface.
Sign in to the pfSense management console.In the Username field, enter admin.In the Password field, enter P@ssw0rd (zero).Select SIGN IN or press Enter. Access Snort Global Settings.From the pfSense menu bar, select Services > Snort.Under the Services breadcrumb, select Global Settings. Configure the required rules to be downloaded.Select Enable Snort VRT.In the Snort Oinkmaster Code field, enter 992acca37a4dbd7. You can copy and paste this from the scenario.Select Enable Snort GPLv2.Select Enable ET Open. Configure the Sourcefire OpenAppID Detectors to be downloaded.Under Sourcefire OpenAppID Detectors, select Enable OpenAppID.Select Enable RULES OpenAppID. Configure when and how often the rules will be updated.Under Rules Update Settings, use the Update Interval drop-down menu to select 4 DAYS.For Update Start Time, change to 00:10 (12:10 a.m. in 24-hour format).Select Hide Deprecated Rules Categories. Configure Snort General Settings.Under General Settings, use the Remove Blocked Hosts Interval drop-down menu to select 1 Day.Select Startup/Shutdown Logging.Select Save. Configure the Snort Interface settings for the WAN interface.Under the Services breadcrumb, select Snort Interfaces and then select Add.Under General Settings, make sure Enable interface is selected.For Interface, use the drop-down menu to select WAN (CorpNet_pfSense_L port 1).For Description, use Snort-WAN.Under Alert Settings, select Send Alerts to System Log.Select Block Offenders.Scroll to the bottom and select Save. Start Snort on the WAN interface.Under the Snort Status column, select the arrow to start Snort.Wait for a checkmark to appear, indicating that Snort was started successfully.
As a network administrator, you are setting up a new switch, and you need to configure trunking. You need to secure access to your switch, which is still configured with the default settings. In this lab, your task is to complete the following: From Google Chrome, access the switch console using the following:Site: 192.168.0.2Username: ciscoPassword: cisco Examine the default settings of all your ports.Answer Question 1. Set ports GE1 - GE26 to Access Mode. Set ports GE27 and GE28 to a port VLAN ID (PVID) of 2. Add VLANs 22, 44, and 67 to ports GE27 and GE28. Save the changes to the switch's startup configuration file.
og in to the CISCO switch. a. From the taskbar, select Google Chrome. b. In the URL field, enter 192.168.0.2 and press Enter. c. Maximize the window for better viewing. d. In the Username and Password fields, enter cisco (the password is case sensitive). e. Select Log In. Examine the switch port defaults. a. From the left navigation bar, expand and select VLAN Management > Interface Settings. b. Using the interface shown in the right pane, examine the settings for all ports. For a detailed view of a single port, you can select Edit. c. From the upper right, select Answer Questions. d. Answer Question 1. e. Minimize the Lab Questions dialog. Set ports GE1 through GE26 to Access Mode. a. From the Interface Settings pane, select GE1. b. Select Edit. c. Maximize the window for better viewing. d. For Interface VLAN Mode, select Access. e. Select Apply and then select Close. f. With GE1 still selected, click Copy Settings. g. In the to field, type 2-26 and then select Apply.Notice that under the Interface VLAN Mode column, ports GE1-GE26 are now set to Access. Set the port VLAN ID (PVID) for ports GE27-GE28 to the value of 2. a. Select the desired port and then select Edit. b. For the Administrative PVID, enter 2. c. Select Apply and then Close. d. Repeat steps 4a - 4c for the second port. Add VLANs 22, 44, and 67 to ports GE27 and GE28. a. From the left pane, under VLAN Management, select Port VLAN Membership. b. Select port GE27 and then select Join VLAN. c. From the new window, hold down the Shift key and select VLANs 22, 44, and 67; then select the > button to assign the VLANs. d. Select Apply and then select Close. e. Repeat steps 5b - 5d for port GE28. Save the changes to the switch's startup configuration file. a. From the top of the switch window, select Save. b. For Source File Name, make sure Running configuration is selected. c. For Destination File Name, make sure Startup configuration is selected. d. Select Apply. e. Select OK. f. Select Done. Score the lab. a. From the upper right, select Answer Questions. b. Select Score Lab.