subscribe

FREE CCNA Lab: Sirius Cybernetics Project – Part 5: Device Hardening – FreeLabFriday

FREE CCNA Lab: Sirius Cybernetics Project – Part 5: Device Hardening – FreeLabFriday

Free Lab Guide: http://bit.ly/2JP0CIh
Free Packet Tracer Lab File – assessment: http://bit.ly/2JtNckJ
Free Packet Tracer Lab File – answers: http://bit.ly/2Ju9BOL
Playlist: http://bit.ly/2DjEhxm

Connect with Brian:
Twitter: https://twitter.com/65Briangallagh
LinkedIn: https://www.linkedin.com/in/bgallagh/

Connect with David:
Twitter: https://twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal/
LinkedIn: https://www.linkedin.com/in/davidbombal/

#CCNA #CCENT #FreeLabFriday

Sirius Cybernetics were very impressed with your work on the Initial Security of the Network. They have asked your company if you personally could complete the second security implementation of their network.
Sirius have asked for the following configurations to be completed:
1. All unused ports on the LAN switches are to be disabled and a description added to the ports that states ‘Unused ports are Disabled by Policy’
2. Active PC clients connected to the LAN switches are required to be dynamically learned for port-security on the relevant switches on which they reside. The mac-addresses are to appear in the running config of the switches. Only after the Clients mac-addresses are displayed in the configuration is the running-config to be saved on the switches to prevent relearning of incorrect addresses.
3. Port-security is also to be deployed for the Branch router. The routers mac address is to be configured manually on SW1.
4. The maximum number of mac addresses learned per port to be 1.
5. In the event of any violations of the port-security policy, the port is to kept enabled, unknown addressed frames are to be discarded and a logging message is to sent.
6. Layer 2 protocol messages should not be sent out to the ISP router from the Branch or HQ routers. The ISP router should not receive any advertisements that could present a possible vulnerability.
7. The Branch router is to receive its time from the ISP Internet gateway Server. Time should be authenticated with a key of 1 and a password of ntppassword.

Ensure all configurations are saved prior to logging out of the network devices.

You will be able to Check Results for your score and use this as possible hints and tips as
to what to check to get the 100% score.

Get more at http://davidbombal.com