CIS425_U1+Lab+(2.6.1.2)+.docx

CIS425_U1+Lab+(2.6.1.2)+.docx - Unit 1 Lab Securing the...

This preview shows page 1 - 4 out of 42 pages.

Unit 1 Lab: Securing the Router for Administrative Access Topology Note : ISR G1 devices use FastEthernet interfaces instead of GigabitEthernet Interfaces. IP Addressing Table Device Interface IP Address Subnet Mask Default Gateway Switch Port R1 G0/1 192.168.1.1 255.255.255.0 N/A S1 F0/5 S0/0/0 (DCE) 10.1.1.1 255.255.255.252 N/A N/A R2 S0/0/0 10.1.1.2 255.255.255.252 N/A N/A S0/0/1 (DCE) 10.2.2.2 255.255.255.252 N/A N/A R3 G0/1 192.168.3.1 255.255.255.0 N/A S3 F0/5 S0/0/1 10.2.2.1 255.255.255.252 N/A N/A PC-A NIC 192.168.1.3 255.255.255.0 192.168.1.1 S1 F0/6 PC-C NIC 192.168.3.3 255.255.255.0 192.168.3.1 S3 F0/18 © 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 42
Image of page 1

Subscribe to view the full document.

Lab - Securing the Router for Administrative Access Objectives Part 1: Configure Basic Device Settings Cable the network as shown in the topology. Configure basic IP addressing for routers and PCs. Configure OSPF routing. Configure PC hosts. Verify connectivity between hosts and routers. Part 2: Control Administrative Access for Routers Configure and encrypt all passwords. Configure a login warning banner. Configure enhanced username password security. Configure an SSH server on a router. Configure an SSH client and verify connectivity. Configure an SCP server on a router. Part 3: Configure Administrative Roles Create multiple role views and grant varying privileges. Verify and contrast views. Part 4: Configure Cisco IOS Resilience and Management Reporting Secure the Cisco IOS image and configuration files. Configure SNMPv3 Security using an ACL. Configure a router as a synchronized time source for other devices using NTP. Configure Syslog support on a router. Install a Syslog server on a PC and enable it. Make changes to the router and monitor syslog results on the PC. Part 5: Secure the Control Plane Configure OSPF Authentication using SHA256 Verify OSPF Authentication Part 6: Configure Automated Security Features Lock down a router using AutoSecure and verify the configuration. Contrast using AutoSecure with manually securing a router using the command line. © 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 42
Image of page 2
Lab - Securing the Router for Administrative Access Background / Scenario The router is a critical component in any network. It controls the movement of data into and out of the network and between devices within the network. It is particularly important to protect network routers because the failure of a routing device could make sections of the network, or the entire network, inaccessible. Controlling access to routers and enabling reporting on routers is critical to network security and should be part of a comprehensive security policy. In this lab, you will build a multi-router network and configure the routers and hosts. Use various CLI tools to secure local and remote access to the routers, analyze potential vulnerabilities, and take steps to mitigate them. Enable management reporting to monitor router configuration changes.
Image of page 3

Subscribe to view the full document.

Image of page 4
You've reached the end of this preview.
  • Fall '09
  • IP address, Cisco IOS

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern