信息安全實(shí)驗(yàn)十參考答案及翻譯_第1頁
已閱讀1頁,還剩10頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

1、PT Activity: Configure a Network for Secure OperationAddressing TableDevice Interface IP Address Subnet Mask Default GatewaySwitch PortFA0/1 192.168.1.1 255.255.255.0 N/A S1 FA0/5 R1S0/0/0 (DCE) 10.1.1.1 255.255.255.25

2、2 N/A N/AS0/0/0 10.1.1.2 255.255.255.252 N/A N/A R2S0/0/1 (DCE) 10.2.2.2 255.255.255.252 N/A N/AFA0/1 192.168.3.1 255.255.255.0 N/A S3 FA0/5 R3S0/0/1 10.2.2.1 255.255.255.252 N/A N/APC-A NIC 192.168.1.5 255.255.255.0 192

3、.168.1.1 S1 FA0/6PC-B NIC 192.168.1.6 255.255.255.0 192.168.1.1 S2 FA0/18PC-C NIC 192.168.3.5 255.255.255.0 192.168.3.1 S3 FA0/6Learning Objectives? Secure the routers with strong passwords, password encryption

4、and a login banner.? Secure the console and VTY lines with passwords.? Configure local AAA authentication.? Configure SSH server.? Configure router for syslog.? Configure router fo

5、r NTP.? Secure the router against login attacks.? Configure CBAC and ZPF firewalls.? Secure network switches.IntroductionIn this comprehensive practice activity, you will apply a combination of se

6、curity measures that were introduced in the course. These measures are listed in the objectives.In the topology, R1 is the edge outer for the Company A while R3 is the edge router for Company B. These networks are inte

7、rconnected via the R2 router which represents the ISP. You will configure various security features on the routers and switches for Company A and Company B. Not all security features will be configured on R1 and R3.The

8、 following preconfigurations have been made:? Hostnames on all devices? IP addresses on all devicesStep 5. Configure vty lines on R1.Configure a vty line password of ciscovtypa55 and enable login. Set the

9、 exec-timeout to log out after 5 minutes of inactivity. Set the login authentication(認(rèn)證) to use the default (系統(tǒng)默認(rèn)值) AAA list to be defined later.Note(注意) (注意): The vty lines on R3 will be configured(配置) for SSH in a lat

10、er task.(工作)Step 6. Configure login banner(登陸提示 (登陸提示 banner,旗幟,標(biāo)語) ,旗幟,標(biāo)語) on R1 and R3.Configure a warning(警告) to unauthorized(非法的) users with a message-of-the-day (MOTD) banner that says: “No Unauthorized Access!”.Ta

11、sk 3: Configure Local Authentication on R1 and R3Step 1. Configure the local user database.(數(shù)據(jù)庫) (數(shù)據(jù)庫)Create a local user account(賬戶) of Admin01 with a secret password of Admin01pa55.Privilege(特權(quán))用此用戶名登陸的用戶訪問特權(quán)級別為 15(詳見書

12、 29 頁)Step 2. Enable AAA services.Step 3. Implement(實(shí)施,執(zhí)行) (實(shí)施,執(zhí)行) AAA services using the local database.(本地?cái)?shù)據(jù)庫) (本地?cái)?shù)據(jù)庫)Create the default login authentication method list using local authentication with no backup (備份)m

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 眾賞文庫僅提供信息存儲(chǔ)空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論