8795

/in /by

In this lab, you will perform the following tasks: Part 2: Configure Basic Device Settings Part 3: Configure Secure Router Administrative Access • Configure encrypted passwords and a login banner. • Configure the EXEC timeout value on console and VTY lines. • Configure login failure rates and VTY login enhancements. • Configure Secure Shell (SSH) access and disable Telnet. IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 4 • Configure local authentication, authorization, and accounting (AAA) user authentication. • Secure the router against login attacks, and secure the IOS image and the configuration file. • Configure a router NTP server and router NTP clients. • Configure router syslog reporting and a syslog server on a local host. Part 4: Configure a Zone-Based Policy Firewall and Intrusion Prevention System • Configure a Zone-Based Policy Firewall (ZPF) on an ISR using the CLI. • Configure an intrusion prevention system (IPS) on an ISR using the CLI. Part 5: Secure Network Switches • Configure passwords and a login banner. • Configure management VLAN access. • Secure access ports. • Protect against Spanning Tree Protocol (STP) attacks. • Configure port security and disable unused ports. Part 6: Configure ASA Basic Settings and Firewall • Configure basic settings, passwords, date, and time. • Configure the inside and outside VLAN interfaces. • Configure port address translation (PAT) for the inside network. • Configure a Dynamic Host Configuration Protocol (DHCP) server for the inside network. • Configure administrative access via Telnet and SSH. • Configure a static default route for the Adaptive Security Appliance (ASA). • Configure Local AAA user authentication. • Configure a DMZ with a static NAT and ACL. • Verify address translation and firewall functionality. Part 7 Configure a DMZ, Static NAT, and ACLs on an ASA Part 8: Configure ASA Clientless SSL VPN Remote Access Using ASDM • Configure a remote access SSL VPN using the Cisco Adaptive Security Device Manager (ASDM). • Verify SSL VPN access to the portal. IT NE 2005 Assessments Copyright © 2016 VIT, All Rights Reserved. VIT and its logo are trademarks of Victorian Institute of Technolog 5 Part 9: Configure a Site-to-Site VPN between the ASA and ISR • Configure an IPsec site-to-site VPN between the ASA and R3-S0000 using ASDM and the CLI. • Activate and verify the IPsec site-to-site VPN tunnel between the ASA and R3.

Attachments:

IT-NE-2005-As….pdf