Student Name _________________________________ Date _____________
SEC450 iLab3 Report
Initial Configuration ISP Router
version 12.3(4)T7
!
hostname ISP_Router
!
interface FastEthernet0/0
ip address 200.100.0.1 255.255.255.0
!
interface FastEthernet1/0
ip address 200.100.40.1 255.255.255.0
!
interface Serial0/0
ip address 200.100.10.1 255.255.255.0
!
interface Serial0/1
ip address 200.100.20.1 255.255.255.0
!
router rip
network 200.100.0.0
network 200.100.10.0
network 200.100.20.0
network 200.100.40.0
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end
Note: RED text indicates the required questions to answer
Task to Set up Security Policy for Offsite Database Server
#1. Explain the meaning of the "three P's" best practice rule to create ACLs in routers.
#2. Explain the difference between the following two access-list commands:
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any
#3. What are well-known, registered, and ephemeral UDP/TCP ports?
#4. What is wrong with ACL 105?
access-list 105 permit tcp any any
access-list 105 deny tcp host 201.141.0.3 any
#5. What well-known TCP port does the Oracle Database (SQL*Net) server use?
#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in the Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router, ensuring that only responses from the Oracle server to certain hosts are allowed to enter the Dallas and Chicago LANs. The ISP network engineers decided to use an extended ACL and applied it to the F0/0 interface of the ISP router. Why did they decide to create an extended ACL and apply it to interface F0/0 for inbound traffic?
#7. Copy below the ISP router's initial running-config file from page 2, and add the commands needed to create and apply the ACL in the ISP router.
Answer all questions in this document and upload it to the Week 3 iLab Dropbox.
Revision Date: 1103
SEC450 ACL Tutorial
This document highlights the most important concepts on Access Control Lists (ACL) that you need to learn in order to configure ACLs in the CLI. This tutorial does not intend by any means to cover all ACL applications, but only those scenarios used in the SEC450 iLabs.
Introduction to Access Control List
· A software-based firewall essentially works by closing and/or opening ports in a computer. The engine behind firewalls is built with Access Control Lists (ACL).
· Hardware-based firewalls are implemented in device-specific appliances and routers. Basically, firewalls in routers filter packets through interfaces to permit or deny them.
· Ports are the layer-4 addresses specified in the TCP/IP protocol suite that identify networking processes running in clients and servers.
· ACLs are created with vendor-specific commands. In Cisco IOS, the CLI commands access-list and access-group are used to create an ACL and apply it on an interface.
· An ACL is identified by a number or a name; a name is useful to identify the ACL's purpose. Extended ACL number IDs are from 100 to 199.
· Standard ACLs use only the source IP address to filter through an interface. Hence, a standard ACL denies or permits all (IP) packets with the same source IP regardless of upper protocols, destination IP address, etc. Example 1:
Router(config)#access-list 8 deny host 172.12.3.5
· Extended ACLs filter on source IP address, source port number, destination IP address and destination port number. Example 2: Router(config)#access-list 102 deny tcp host 10.0.3.2 host 172.129.4.1 denies tcp packets with source IP address 10.0.3.2 and destination IP address 172.129.4.1.
· Best practice for standard ACLs is to apply them on an interface as close as possible to the destination network concerned.
· Best practice for extended ACLs is to apply them on an interface as close as possible to the source IP address.
· Extended ACLs give finer control on which packets to filter.
Create Extended ACL in global configuration
· Use the access-list command options lt, gt, eq, neq, range (less than, greater than, equal, not equal, range of ports) to do operations with port numbers.
Example 3: access-list 102 deny tcp any host 11.23.45.7 gt 20 denies all packets with any source IP address to destination IP address 11.23.45.7 and destination tcp port greater than 20.
Example 4: access-list 107 permit udp any any permits all packets with udp protocol with any source IP address to any destination IP address.
· Extended ACLs can filter on source port number and destination port number. The syntax is:
access-list <#,name> <permit|deny> <protocol> host <source_ip> <port_qualifier> <source_port_number> host <dest_ip> <port_qualifier> <dest_port_number>
where:
<#,name> is a number between 100 and 199 or a one-word name
<permit|deny> is the action applied to packets that match the command
<protocol> is any protocol in the TCP/IP suite
<source_ip> & <dest_ip> are the source and destination IP addresses
<port_qualifier> is optional, and can be eq, gt, lt, neq, & range
<source_port_number> & <dest_port_number> follow <port_qualifier> to specify the port number(s). <port_qualifier> and <port_number> can be replaced by the application protocol. Example: http instead of eq 80
· Follow the "three P's" rule: one ACL "per protocol, per interface, per traffic direction".
· Create the ACL in CLI global configuration using access-list command(s). Then, apply the ACL using the access-group command in CLI interface configuration.
· Order matters in access-list commands. Routers process the ACL commands in order; top first to bottom last.
· The effect of an access-list command depends upon the previous access-list commands. Therefore, always write the commands in order; more-specific-traffic commands first, and more-generic-traffic commands last.
Example 5:
Router(config)#access-list 101 deny tcp host 10.0.3.2 any
Router(config)#access-list 101 permit tcp any any
But never follow the order below, because the second command is worthless: every tcp packet has already matched the first one.
Router(config)#access-list 101 permit tcp any any
Router(config)#access-list 101 deny tcp host 10.0.3.2 any
· Every ACL has an implicit access-list command at the end that denies all packets (i.e. deny ip any any). Hence, packets that are not specifically permitted in a command will be denied by the ACL.
Example 6: Use the command Router(config)#access-list 105 permit ip any any at the end of the ACL if it is required to permit all other traffic after denying packets with Router(config)#access-list 105 deny icmp any host 192.168.10.244
· Use wildcard masks in access-list commands to filter packets from a subnet of source and/or destination IP addresses instead of single hosts. IP addresses in each of those subnets must be contiguous. Here is the syntax. Filtering on port numbers is also applicable, but it has been omitted for the sake of simplicity.
access-list <#,name> <permit|deny> <protocol> <source_ip> <source_wildcard> <dest_ip> <dest_wildcard>
where:
<#,name> is a number between 100 and 199 or a one-word name
<permit|deny> is the action applied to packets that match the command
<protocol> is any protocol in the TCP/IP suite
<source_ip> & <dest_ip> are the source and destination IP addresses
<source_wildcard> & <dest_wildcard> specify the subnet ranges of source and destination IP addresses
· Wildcard masks are the same ones used in routing protocols such as EIGRP and OSPF. Wildcard bit 0 means the bit in the IP address must be the same as the corresponding bit in the subnet IP address. Wildcard bit 1 means the bit in the IP address can be any value (0 or 1).
Example 7: access-list 105 deny udp 172.16.7.3 0.0.0.3 any means to deny all packets with udp protocol with source IP addresses from 172.16.7.0 to 172.16.7.3 to any destination IP address. Note that .3 in the address means .00000011 in binary, and .3 in the wildcard means .000000xx.
Example 8: access-list 109 permit tcp host 192.168.6.3 eq 80 10.0.0.0 0.0.0.255 means to permit all tcp packets from source IP address 192.168.6.3 and source port tcp 80 (i.e. an http server) to destination IP addresses in the subnet 10.0.0.0 to 10.0.0.255. The fact that 10.0.0.0 would not qualify as a host IP in classful networks has been ignored for simplicity.
· Wildcard 0.0.0.0 is equivalent to the keyword host in access-list commands. Example 9:
access-list 110 permit ip host 10.23.4.3 host 10.30.2.1 and
access-list 110 permit ip 10.23.4.3 0.0.0.0 10.30.2.1 0.0.0.0 are equivalent commands. Both permit packets with source IP address 10.23.4.3 and destination IP address 10.30.2.1.
· Use wildcard masks in access-list commands when the ACL requires filtering packets on a subnet of IP addresses; either at source, destination or both.
Apply to an Interface a created ACL
· Create ACL 103 that permits any traffic except udp packets with source IP address 10.23.4.3 and destination IP address 10.30.2.1, as shown in the network diagram below.
First, create the ACL in global configuration.
Router#config t
Router(config)#access-list 103 deny udp host 10.23.4.3 host 10.30.2.1
Router(config)#access-list 103 permit ip any any
Second, apply the ACL on the interface closest to the source. The interface is S0/1 in Router for traffic coming from IP 10.23.4.3.
Router(config)#interface s0/1
Router(config-if)#ip access-group 103 in
· If you need to change an ACL, then erase first the ACL from global and interface configurations. To erase ACL 103 from the previous example, execute the following commands:
Router(config)#no access-list 103
Router(config)#interface s0/1
Router(config-if)#no ip access-group 103
Now you can start over creating ACL 103. If you do not erase the ACL first, then the access-list commands will compound in the configuration file, producing unexpected behavior. Use the command show run to verify the ACL is erased and created again correctly.
Verify ACL Configuration
· Create an ACL in a router R to deny TCP traffic coming through interface Serial 0/2 from source IP address 10.16.2.1 to destination IP address 172.16.5.3 with destination port number greater than 200. Then, the ACL should permit any other traffic.
Here is what you need to do in CLI.
First, create the ACL.
Second, apply the ACL to interface Serial 0/2.
R> enable
R# config t
R(config)# access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
R(config)# access-list 101 permit ip any any      (this command is needed to permit any other traffic after denying the one from the previous command)
R(config)# interface serial0/2
R(config-if)# ip access-group 101 in      (this command applies the ACL to serial0/2 for traffic coming in)
R(config-if)# end
R# show run      (this is to verify the ACL configuration is correct in the running-config file)
R#show running-config
version 12.3
!
hostname R
!
interface FastEthernet0/0
ip address 192.168.200.1 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.20.1 255.255.255.0
shutdown
!
interface Serial0/0
ip address 200.100.20.2 255.255.255.0
!
interface Serial0/1
ip address 192.168.30.2 255.255.255.0
shutdown
!
interface Serial0/2
ip address 192.168.40.1 255.255.255.0
ip access-group 101 in
!
router rip
network 192.168.200.0
network 200.100.20.0
!
ip default-network 200.100.20.0
ip route 0.0.0.0 0.0.0.0 serial0/0
!
!
access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
access-list 101 permit ip any any
!
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end
· If the ACL is wrong, erase it with the commands below and start over again.
R# config t
R(config)# no access-list 101
R(config)# interface serial0/2
R(config-if)#no ip access-group 101
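The show run step above is only useful if someone actually compares the output with what was intended, and a one-word slip (permit where deny was meant) is easy to miss by eye. The following Python check is an added example, not code from the tutorial or from Cisco IOS: it pulls the access-list 101 entries out of a captured running-config, compares them line by line with the commands the engineer meant to enter, and confirms the ACL is applied inbound on Serial0/2. The running-config excerpt is constructed for this example and deliberately carries that permit/deny mistake in entry 1 so the check has something to report; the ACL number and interface follow the verification example above.

```python
"""Added example, not from the SEC450 tutorial: compare a router's running-config
against the ACL the engineer intended to enter, so that a typo such as 'permit'
where 'deny' was meant is caught at the 'show run' step.  The excerpt below is
constructed for this example."""
import re

# Constructed excerpt of 'show running-config' output with a one-word mistake
# in entry 1 (the engineer typed 'deny' but the router holds 'permit').
RUNNING_CONFIG = """\
!
interface Serial0/2
 ip address 192.168.40.1 255.255.255.0
 ip access-group 101 in
!
access-list 101 permit tcp host 10.16.2.1 host 172.16.5.3 gt 200
access-list 101 permit ip any any
!
"""

# The commands that were meant to be entered (the tutorial's verification example)
INTENDED_ACL_101 = [
    "access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200",
    "access-list 101 permit ip any any",
]

def acl_entries(config, acl_id):
    """Return the 'access-list <id> ...' lines for one ACL, in the order IOS lists them."""
    pat = re.compile(rf"^\s*(access-list {re.escape(acl_id)}\s.*)$", re.M)
    return [" ".join(m.group(1).split()) for m in pat.finditer(config)]

def applied_on(config, acl_id):
    """Return [(interface, direction)] for every 'ip access-group <id> in|out' line."""
    result, iface = [], None
    for line in config.splitlines():
        s = line.strip()
        if s.startswith("interface "):
            iface = s.split(None, 1)[1]
        elif s == "!":  # '!' closes the interface stanza
            iface = None
        elif s in (f"ip access-group {acl_id} in", f"ip access-group {acl_id} out"):
            result.append((iface, s.split()[-1]))
    return result

def verify_acl(config, acl_id, intended, interface, direction):
    """Compare the running ACL with the intended one; return a list of findings (empty = OK)."""
    findings = []
    actual = acl_entries(config, acl_id)
    for n, (want, got) in enumerate(zip(intended, actual), 1):
        if want != got:
            findings.append(f"entry {n}: expected '{want}' but running-config has '{got}'")
    if len(actual) != len(intended):
        findings.append(f"ACL {acl_id} has {len(actual)} entries, expected {len(intended)}")
    if (interface, direction) not in applied_on(config, acl_id):
        findings.append(f"ACL {acl_id} is not applied on {interface} ({direction})")
    return findings

if __name__ == "__main__":
    for finding in verify_acl(RUNNING_CONFIG, "101", INTENDED_ACL_101, "Serial0/2", "in"):
        print("MISMATCH:", finding)
```

Against the constructed excerpt the check reports exactly one finding, for entry 1; once that line reads deny, the finding list is empty, and removing the ip access-group line produces a finding that the ACL exists but is not applied, the other common way a "correct-looking" ACL filters nothing.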
Student Name _________________________________ Date _____________
Database Server Security Demands – iLab3
Objectives
In this lab, the students will examine the following objectives.
· Become familiar with well-known and ephemeral ports
· Create ACLs to meet requirements on database security demands
· Learn best practices to create and apply ACLs.
Scenario
A small company is using the topology shown below. The
Public Server is actually an off-site Database Server that
contains company records. Assume that the 200.100.0.0/16
network represents the Internet. The Dallas and Chicago Servers
and hosts need to access the database server securely. Only
users in the Dallas and Chicago LANs should be able to access
the database server.
Topology
The last page of the lab assignment document contains a full-
page topology. Remove this page and use it for reference to the
topology and the IP addresses.
Initial Configuration
The Dallas, Chicago, and ISP Routers' FastEthernet and Serial interfaces used for the lab have been correctly configured and enabled. Unused interfaces have been shut down. The RIP routing tables are complete for all routers and hosts. No ACLs have been applied to any of the routers. Below is the initial running-config file in the ISP router.
version 12.3(4)T7
!
hostname ISP_Router
!
interface FastEthernet0/0
ip address 200.100.0.1 255.255.255.0
!
interface FastEthernet1/0
ip address 200.100.40.1 255.255.255.0
!
interface Serial0/0
ip address 200.100.10.1 255.255.255.0
!
interface Serial0/1
ip address 200.100.20.1 255.255.255.0
!
router rip
network 200.100.0.0
network 200.100.10.0
network 200.100.20.0
network 200.100.40.0
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end
Lab Data Collection and Submission
Download and open the lab document file: SEC450_DB-SecurityDemands_Report.docx. Enter your name and date at the top of the lab document. As you complete each task of the lab assignment, enter all relevant configuration commands and answered questions (as specified in the iLab assignment) into this lab document. You will submit the completed SEC450_DB_SecurityDemands_Report.docx file into this week's eCollege iLab Dropbox.
Note: RED text indicates the required questions to answer
Task to Set up Security Policy for Offsite Database Server
The following requirements were given to the network engineer
to create and apply ACL 100 in ISP router
1. Permit SQL database traffic from the Public server to the
Dallas Host.
2. Permit SQL database traffic from the Public server to the
Dallas Server.
3. Permit SQL database traffic from the Public server to the
Chicago Host.
4. Permit SQL database traffic from the Public server to the
Chicago Server.
5. Deny all other TCP traffic from the Public server to any
destination.
6. Permit all other traffic.
#1. Explain the meaning of the "three P's" best practice rule to create ACLs in routers.
#2. Explain the difference between the following two access-list commands:
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any
#3. What are well-known, registered, and ephemeral UDP/TCP ports?
#4. What is wrong with ACL 105?
access-list 105 permit tcp any any
access-list 105 deny tcp host 201.141.0.3 any
#5. What well-known TCP port does the Oracle Database (SQL*Net) server use?
#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in the Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router, ensuring that only responses from the Oracle server to certain hosts are allowed to enter the Dallas and Chicago LANs. The ISP network engineers decided to use an extended ACL and applied it to the F0/0 interface of the ISP router. Why did they decide to create an extended ACL and apply it to interface F0/0 for inbound traffic?
#7. Copy below the ISP router's initial running-config file from page 2, and add the commands needed to create and apply the ACL in the ISP router.
Answer all questions in the iLab Report document and upload it to the Week 3 iLab Dropbox.
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
kimdan468
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
deeptiverma2406
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
goswamiyash170123
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 

Recently uploaded (20)

The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
 
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBCSTRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
STRAND 3 HYGIENIC PRACTICES.pptx GRADE 7 CBC
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdfMASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
MASS MEDIA STUDIES-835-CLASS XI Resource Material.pdf
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 

Student Name _________________________________ Date _____________SE.docx

Student Name _________________________________ Date _____________

SEC450 iLab3 Report

Initial Configuration ISP Router

version 12.3(4)T7
!
hostname ISP_Router
!
interface FastEthernet0/0
ip address 200.100.0.1 255.255.255.0
!
interface FastEthernet1/0
ip address 200.100.40.1 255.255.255.0
!
interface Serial0/0
ip address 200.100.10.1 255.255.255.0
!
interface Serial0/1
ip address 200.100.20.1 255.255.255.0
!
router rip
network 200.100.0.0
network 200.100.10.0
network 200.100.20.0
network 200.100.40.0
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end

Note: RED text indicates the required questions to answer

Task to Set up Security Policy for Offsite Database Server

#1. Explain the meaning of the "three P's" best practice rule to create ACLs in routers.

#2. Explain the difference between the following two access-list commands
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any

#3. What are well-known, registered, and ephemeral UDP/TCP ports?

#4. What is wrong with ACL 105?
access-list 105 permit tcp any any
access-list 105 deny tcp host 201.141.0.3 any

#5. What well-known TCP port does the Oracle Database (SQL*Net) server use?

#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in the Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router, ensuring that only responses from the Oracle server to certain hosts are allowed to enter the Dallas and Chicago LANs. ISP network engineers decided to use an extended ACL and apply it to interface F0/0 in the ISP router. Why did they decide to create an extended ACL and apply it on interface F0/0 for inbound traffic?
#7. Copy below the ISP router's initial running-config file from page 2, and add the commands needed to create and apply the ACL in the ISP router.

Answer all questions in this document and upload it in the Week 3 iLab Dropbox.

Revision Date: 1103

SEC450 ACL Tutorial

This document highlights the most important concepts on Access Control Lists (ACL) that you need to learn in order to configure ACLs in the CLI. This tutorial does not intend by any means to cover all ACL applications, but only those scenarios used in the SEC450 iLabs.

Introduction to Access Control Lists

A host-based firewall essentially works by closing and/or opening ports in a computer. The engine behind firewalls is built with Access Control Lists (ACL).

Network-based firewalls are implemented in device-specific appliances and routers. Basically, firewalls in routers filter packets through interfaces to permit or deny them.

A port number complements the IPv4 address, as specified in the TCP/IP protocol suite, to identify the networking process running in a client or server.

ACLs are created with device-specific commands. In Cisco IOS, the CLI commands access-list and access-group are used to create an ACL and to apply it on an interface.

An ACL is identified by a number or by a name; a name is useful to identify the ACL's purpose. Standard ACLs are numbered from 1 to 99, and extended ACLs from 100 to 199.

Standard ACLs use only the source IP address of packets to filter through an interface. Hence, a standard ACL denies or permits all (IP) packets with the same source IP address regardless of upper-layer protocol, destination IP address, etc.

Example 1:
Router(config)#access-list 8 deny host 172.12.3.5
denies all IP packets with source IP address 172.12.3.5.

Extended ACLs filter packets on protocol, source IP address, source port number, destination IP address and destination port number.

Example 2:
Router(config)#access-list 102 deny tcp host 10.0.3.2 host 172.129.4.1
denies tcp packets with source IP address 10.0.3.2 and destination IP address 172.129.4.1.

Because standard ACLs match only on the source address, the best practice is to apply them on an interface as close as possible to the destination network, so that they do not block that source's traffic to other destinations.

Extended ACLs can describe exactly the traffic of concern, so the best practice is to apply them on an interface as close as possible to the source IP address, so that unwanted packets are dropped before they cross the network.

Extended ACLs are used in the SEC450 iLabs because they give finer control on the packets to filter.

Create an Extended ACL in global configuration

Use the access-list command options lt, gt, eq, neq and range (less than, greater than, equal, not equal, range of ports) to do operations with port numbers.

Example 3:
access-list 102 deny tcp any host 11.23.45.7 gt 20
denies all packets with any source IP address to destination IP address 11.23.45.7 and destination tcp port greater than 20.

Example 4:
access-list 107 permit udp any any
permits all packets with udp protocol with any source IP address to any destination IP address.

Use the following syntax to filter single hosts on source port number and destination port number.

access-list <#,name> <protocol> host <source_ip> <port_qualifier> <source_port_number> host <dest_ip> <port_qualifier> <dest_port_number>

where:
<#,name> is a number between 100 and 199 or a one-word name
<protocol> is any protocol in the TCP/IP suite
<source_ip> & <dest_ip> are the source and destination IP addresses
<port_qualifier> is optional, and can be eq, gt, lt, neq, & range
<source_port_number> & <dest_port_number> follow <port_qualifier> to specify the port number(s).
The port number can be replaced by the IOS name of the application protocol. Example: eq www instead of eq 80.

Follow the "three P's" rule: one ACL "per protocol, per interface, per traffic direction".

Create the ACL in CLI global configuration using access-list command(s). Then, apply the ACL using the access-group command in CLI interface configuration.

An ACL is a sequence of access-list commands. Routers process the ACL commands in order: top first to bottom last. The effect of each access-list command depends upon the previous access-list commands. Therefore, always write the commands in order: more-specific-traffic commands first, and more-generic-traffic commands last.

Example 5:
Router(config)#access-list 101 deny tcp host 10.0.3.2 any
Router(config)#access-list 101 permit tcp any any

But never follow the order below, because the second command is worthless: every tcp packet, including those from 10.0.3.2, has already matched the first command.
Router(config)#access-list 101 permit tcp any any
Router(config)#access-list 101 deny tcp host 10.0.3.2 any

Every ACL has an implicit access-list command at the end that denies all packets (i.e. deny ip any any). Hence, packets that are not specifically permitted by a command will be denied by the ACL.

Example 6: Use the command
Router(config)#access-list 105 permit ip any any
at the end of the ACL if it is required to permit all other traffic after denying packets with
Router(config)#access-list 105 deny icmp any host 192.168.10.244

Use wildcard masks in access-list commands to filter packets from a subnet of source and/or destination IP addresses instead of single hosts. The wildcard bits need not be contiguous, but in the SEC450 iLabs each subnet is a contiguous block of IP addresses. Here is the syntax. Filtering on port numbers is also applicable, but it has been omitted for the sake of simplicity.

access-list <#,name> <protocol> <source_ip> <source_wildcard> <dest_ip> <dest_wildcard>

where:
<#,name> is a number between 100 and 199 or a one-word name
<protocol> is any protocol in the TCP/IP suite
<source_ip> & <dest_ip> are the source and destination IP addresses
<source_wildcard> & <dest_wildcard> specify the subnet ranges of source and destination IP addresses

Wildcard masks are also used by routing protocols such as EIGRP and OSPF. Wildcard bit 0 means the bit in the packet's IP address must be the same as the corresponding bit in the subnet IP address. Wildcard bit 1 means the bit in the IP address can be any value (0 or 1).

Example 7:
access-list 105 deny udp 172.16.7.3 0.0.0.3 any
means to deny all packets with udp protocol with source IP addresses from 172.16.7.0 to 172.16.7.3 to any destination IP address. Note that .3 means .00000011 in binary, so the wildcard leaves the last two bits free: .000000xx.

Example 8:
access-list 109 permit tcp host 192.168.6.3 eq 80 10.0.0.0 0.0.0.255
means to permit all tcp packets from source IP address 192.168.6.3 and source port tcp 80 (i.e. an http server) to destination IP addresses in the subnet 10.0.0.0 to 10.0.0.255. The fact that 10.0.0.0 would not qualify as a host IP in classful networks has been ignored for simplicity.

The wildcard 0.0.0.0 is equivalent to the keyword host in access-list commands.

Example 9:
access-list 110 permit ip host 10.23.4.3 host 10.30.2.1
and
access-list 110 permit ip 10.23.4.3 0.0.0.0 10.30.2.1 0.0.0.0
are equivalent commands. Both permit packets with source IP address 10.23.4.3 and destination IP address 10.30.2.1.

Use wildcard masks in access-list commands when the ACL requires filtering packets on a subnet of IP addresses, either at source, destination or both.

Apply a created ACL to an Interface

Example 10: Create ACL 103 that permits any traffic except udp packets with source IP address 10.23.4.3 and destination IP address 10.30.2.1, as shown in the network diagram below.

First, create the ACL in global configuration.
Router#config t
Router(config)#access-list 103 deny udp host 10.23.4.3 host 10.30.2.1
Router(config)#access-list 103 permit ip any any

Second, apply the extended ACL on the interface closest to the source. The interface is S0/1 in Router for traffic coming from IP 10.23.4.3.
Router(config)#interface s0/1
Router(config-if)#ip access-group 103 in
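To see the top-to-bottom evaluation, the implicit deny and the wildcard matching from the sections above in working code, here is an added example; it is not part of the SEC450 handout and models only the access-list keywords this tutorial uses (host, any, a wildcard mask, the eq/gt/lt/neq/range qualifiers, and a few IOS port names such as www for 80). The ACL lines, the packets and the small port-name table are constructed for the example, and lines are given without the Router(config)# prompt.

```python
"""Added example (not from the SEC450 handout): evaluate Cisco IOS extended access-list
lines as the tutorial describes them (host/any/wildcard addresses, eq/gt/lt/neq/range port
qualifiers, first match wins, implicit deny ip any any) and flag entries an earlier entry
shadows, which is the ordering mistake of Example 5. Port names and packets are constructed."""
import ipaddress

PORT_NAMES = {"ftp": 21, "ssh": 22, "telnet": 23, "smtp": 25, "domain": 53, "www": 80}

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok, i):
    """'any' | 'host A' | 'A wildcard' at tok[i] -> ((address, care_mask), next index).
    care_mask is the inverted wildcard: a 1 bit must match, a 0 bit is ignored."""
    if tok[i] == "any":
        return (0, 0), i + 1
    if tok[i] == "host":
        return (_ip(tok[i + 1]), 0xFFFFFFFF), i + 2
    return (_ip(tok[i]), 0xFFFFFFFF ^ _ip(tok[i + 1])), i + 2

def _ports(tok, i):
    """Optional port qualifier at tok[i] -> (list of inclusive (lo, hi) intervals, next index)."""
    if i >= len(tok) or tok[i] not in ("eq", "gt", "lt", "neq", "range"):
        return [(0, 65535)], i
    num = lambda s: PORT_NAMES[s] if s in PORT_NAMES else int(s)
    if tok[i] == "range":
        return [(num(tok[i + 1]), num(tok[i + 2]))], i + 3
    p = num(tok[i + 1])
    return {"eq": [(p, p)], "gt": [(p + 1, 65535)], "lt": [(0, p - 1)],
            "neq": [(0, p - 1), (p + 1, 65535)]}[tok[i]], i + 2

def _addr_covers(a, b):
    """a matches every address b matches: a ignores every bit b ignores and agrees on the rest."""
    (aa, am), (ba, bm) = a, b
    return (am & bm) == am and (aa & am) == (ba & am)

def _ports_cover(a, b):
    return all(any(lo <= blo and bhi <= hi for lo, hi in a) for blo, bhi in b)

class Entry:
    """One 'access-list N permit|deny proto src [ports] dst [ports]' line."""
    def __init__(self, line):
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            raise ValueError("not an access-list permit/deny line: " + line)
        self.text, self.action, self.proto = line, tok[2], tok[3]
        self.src, i = _addr(tok, 4)
        self.sport, i = _ports(tok, i)
        self.dst, i = _addr(tok, i)
        self.dport, i = _ports(tok, i)
        if i != len(tok):  # keywords such as 'log' or 'established' are not modelled here
            raise ValueError("unsupported keyword(s): " + " ".join(tok[i:]))

    def matches(self, pkt):
        proto, src, sport, dst, dport = pkt
        return (self.proto in ("ip", proto)
                and (_ip(src) & self.src[1]) == (self.src[0] & self.src[1])
                and (_ip(dst) & self.dst[1]) == (self.dst[0] & self.dst[1])
                and any(lo <= sport <= hi for lo, hi in self.sport)
                and any(lo <= dport <= hi for lo, hi in self.dport))

    def covers(self, other):
        """Every packet `other` could match, self matches first: `other` is unreachable."""
        return (self.proto in ("ip", other.proto)
                and _addr_covers(self.src, other.src) and _addr_covers(self.dst, other.dst)
                and _ports_cover(self.sport, other.sport) and _ports_cover(self.dport, other.dport))

class Acl:
    def __init__(self, lines):
        self.entries = [Entry(l) for l in lines]

    def evaluate(self, pkt):
        """pkt = (proto, src_ip, src_port, dst_ip, dst_port): top to bottom, first match wins,
        and a packet no entry matches hits the implicit deny at the end."""
        for e in self.entries:
            if e.matches(pkt):
                return e.action, e.text
        return "deny", "implicit deny ip any any"

    def shadowed(self):
        """Entries that can never be reached because an earlier entry covers them."""
        return [e.text for j, e in enumerate(self.entries)
                if any(prev.covers(e) for prev in self.entries[:j])]

if __name__ == "__main__":
    # Constructed sample: the two orderings of Example 5 against one tcp packet from 10.0.3.2.
    good = Acl(["access-list 101 deny tcp host 10.0.3.2 any", "access-list 101 permit tcp any any"])
    bad = Acl(["access-list 101 permit tcp any any", "access-list 101 deny tcp host 10.0.3.2 any"])
    pkt = ("tcp", "10.0.3.2", 40000, "172.16.5.3", 80)
    print(good.evaluate(pkt), bad.evaluate(pkt), bad.shadowed())
```

Acl.shadowed() reports the problem of the second ordering in Example 5: the later deny is unreachable because the earlier permit tcp any any already matches every packet the deny could match. The same subset test explains why a permit ip any any placed last (Example 6) is fine while the same line placed first makes the rest of the list dead. To derive a wildcard from a prefix, ipaddress.ip_network("10.0.0.0/24").hostmask gives 0.0.0.255, the inverted subnet mask.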
To modify an ACL, first erase it from the interface and global configurations. To erase ACL 103 from the previous example, execute the following commands:
Router(config)#interface s0/1
Router(config-if)#no ip access-group 103 in
Router(config-if)#exit
Router(config)#no access-list 103

Now you can start over creating ACL 103. If you do not erase the ACL first, the new access-list commands will be appended to the existing ones in the configuration file, producing unexpected behavior. Remove the access-group binding before deleting the list: an interface whose referenced ACL no longer exists passes all traffic, and each access-list command you type to rebuild the list would take effect on the live interface one line at a time, followed by the implicit deny. Use the command show run to verify the ACL was erased and created again correctly.

Verify ACL Configuration

Example 11: Configure an ACL in a router R to deny TCP traffic coming through interface Serial 0/2 from source IP address 10.16.2.1 to destination IP address 172.16.5.3 with destination port number greater than 200. Then, the ACL should permit any other traffic.

Here is what you need to do in the CLI. First, create the ACL. Second, apply the ACL to interface Serial 0/2. Third, verify it in the running configuration.

R> enable
R# config t
R(config)# access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
R(config)# access-list 101 permit ip any any
(this command is needed to permit any other traffic after denying the one from the previous command)
R(config)# interface serial0/2
R(config-if)# ip access-group 101 in
(this command applies the ACL to serial0/2 for traffic coming in)
R(config-if)# end
R# show running-config
(this verifies the ACL configuration is correct in the running-config file)

version 12.3
!
hostname R
!
interface FastEthernet0/0
ip address 192.168.200.1 255.255.255.0
!
interface FastEthernet0/1
ip address 192.168.20.1 255.255.255.0
shutdown
!
interface Serial0/0
ip address 200.100.20.2 255.255.255.0
!
interface Serial0/1
ip address 192.168.30.2 255.255.255.0
shutdown
!
interface Serial0/2
ip address 192.168.40.1 255.255.255.0
ip access-group 101 in
!
router rip
network 192.168.200.0
network 200.100.20.0
!
ip default-network 200.100.20.0
ip route 0.0.0.0 0.0.0.0 serial0/0
!
!
access-list 101 deny tcp host 10.16.2.1 host 172.16.5.3 gt 200
access-list 101 permit ip any any
!
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end

Check that both access-list lines appear in the order you typed them, that the first one reads deny and not permit, and that ip access-group 101 in is bound to Serial0/2 and to no other interface.

To erase ACL 101 and start over again, execute the commands below.
R# config t
R(config)# interface serial0/2
R(config-if)# no ip access-group 101 in
R(config-if)# exit
R(config)# no access-list 101

Student Name _________________________________ Date _____________

Database Server Security Demands – iLab3

Objectives

In this lab, the students will examine the following objectives.
· Become familiar with well-known and ephemeral ports
· Create an ACL to meet requirements on database security demands
· Learn best practices to create and apply ACLs

Scenario

A small company is using the topology shown below. The Public Server is actually an off-site Database Server that contains company records. Assume that the 200.100.0.0/16 network represents the Internet. The Dallas and Chicago Servers and hosts need to access the database server securely. Only users in the Dallas and Chicago LANs should be able to access the database server.

Topology

The last page of the lab assignment document contains a full-page topology. Remove this page and use it for reference to the topology and the IP addresses.

Initial Configuration

The Dallas, Chicago, and ISP Routers' FastEthernet and Serial interfaces used for the lab have been correctly configured and enabled. Unused interfaces have been shut down. The RIP routing tables are complete for all routers and hosts. No ACLs have been applied to any of the routers. Below is the initial running-config file in the ISP router.

version 12.3(4)T7
!
hostname ISP_Router
!
interface FastEthernet0/0
ip address 200.100.0.1 255.255.255.0
!
interface FastEthernet1/0
ip address 200.100.40.1 255.255.255.0
!
interface Serial0/0
ip address 200.100.10.1 255.255.255.0
!
interface Serial0/1
ip address 200.100.20.1 255.255.255.0
!
router rip
network 200.100.0.0
network 200.100.10.0
network 200.100.20.0
network 200.100.40.0
!
line con 0
line aux 0
line vty 0 4
password cisco
line vty 5 15
password cisco
!
end

Lab Data Collection and Submission

Download and open the lab document file: SEC450_DB-SecurityDemands_Report.docx. Enter your name and date at the top of the lab document. As you complete each task of the lab assignment, enter all relevant configuration commands and answered questions (as specified in the iLab assignment) into this lab document. You will submit the completed SEC450_DB_SecurityDemands_Report.docx file into this week's eCollege iLab Dropbox.

Note: RED text indicates the required questions to answer

Task to Set up Security Policy for Offsite Database Server

The following requirements were given to the network engineer to create and apply ACL 100 in the ISP router:
1. Permit SQL database traffic from the Public server to the Dallas Host.
2. Permit SQL database traffic from the Public server to the Dallas Server.
3. Permit SQL database traffic from the Public server to the Chicago Host.
4. Permit SQL database traffic from the Public server to the Chicago Server.
5. Deny all other TCP traffic from the Public server to any destination.
6. Permit all other traffic.

#1. Explain the meaning of the "three P's" best practice rule to create ACLs in routers.

#2. Explain the difference between the following two access-list commands
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any

#3. What are well-known, registered, and ephemeral UDP/TCP ports?

#4. What is wrong with ACL 105?
access-list 105 permit tcp any any
access-list 105 deny tcp host 201.141.0.3 any

#5. What well-known TCP port does the Oracle Database (SQL*Net) server use?

#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in the Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router, ensuring that only responses from the Oracle server to certain hosts are allowed to enter the Dallas and Chicago LANs. ISP network engineers decided to use an extended ACL and apply it to interface F0/0 in the ISP router. Why did they decide to create an extended ACL and apply it on interface F0/0 for inbound traffic?

#7. Copy below the ISP router's initial running-config file from page 2, and add the commands needed to create and apply the ACL in the ISP router.

Answer all questions in the iLab Report document and upload it in the Week 3 iLab Dropbox.

Revision Date: 1103