CyberPatriot Packet Tracer Tool Kit

Similar documents
CCNA Semester 2 labs. Labs for chapters 2 10

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview

Lab Configuring Switch Security Features Topology

Lab Using the CLI to Gather Network Device Information Topology

Lab Configuring and Verifying Extended ACLs Topology

Lab - Troubleshooting Standard IPv4 ACL Configuration and Placement Topology

CCENT Practice Certification Exam # 2 - CCNA Exploration: Accessing the WAN (Version 4.0)

Interconnecting Cisco Networking Devices Part 1 ( )

Skills Assessment Student Training

CISCO SWITCH BEST PRACTICES GUIDE

Skills Assessment Student Practice

Teacher s Reference Manual

Lab 7 Configuring Basic Router Settings with IOS CLI

Packet Tracer - Configure Cisco Routers for Syslog, NTP, and SSH Operations (Instructor Version)

ICND1 v2.0 Interconnecting Cisco Networking Devices Part 1 CCENT & Part of CCNA Rout/Switch

Interconnecting Cisco Networking Devices Part 1 ICND1

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Lab - Troubleshooting ACL Configuration and Placement Topology

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

EIGRP Practice Skills Assessment - Packet Tracer

Lab - Examining Telnet and SSH in Wireshark

CCNA 1 Chapter 2 v5.0 Exam Answers %

CCNA Security 1.0 Student Packet Tracer Manual

CHAPTER 2 ACTIVITY

Packet Tracer - Configuring Initial Switch Settings

ICND1. Switch Configuration Lab. All configurations have been set to factory defaults for these labs

Interconnecting Cisco Network Devices Part 1 v2.0 (ICND 1)

Retake - Skills Assessment Student Training (Answer Key)

Chapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION

CCNA Security PT Practice SBA

Skills Assessment Student Training Exam

exam. Number: Passing Score: 800 Time Limit: 120 min CISCO Interconnecting Cisco Networking Devices Part 1 (ICND)

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Lab Securing Network Devices

CCNA 1 Chapter 2 v5.0 Exam Answers 2013

Lab - Configuring IPv6 Addresses on Network Devices

Advanced IPv6 Training Course. Lab Manual. v1.3 Page 1

Lab Managing Router Configuration Files with Terminal Emulation Software

Network security session 9-2 Router Security. Network II

Device Interface IP Address Subnet Mask R1 G0/ N/A

NETWORK LAB 2 Configuring Switch Desktop

Lab Configuring and Verifying Standard IPv4 ACLs Topology

Payload Types At Different OSI Layers: Layer 2 - Frame Layer 3 - Packet Layer 4 - Datagram

PT Activity: Configure AAA Authentication on Cisco Routers

CCNA Discovery 3 Chapter 8 Reading Organizer

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Lab Configuring 802.1Q Trunk-Based Inter-VLAN Routing Topology

Skills Assessment Student Training Exam

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

Lab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)

Chapter 2. Switch Concepts and Configuration. Part II

Lab Configuring Per-Interface Inter-VLAN Routing (Solution)

Lab Configuring Dynamic and Static NAT (Solution)

UniNets CCNA Security LAB MANUAL UNiNets CCNA Cisco Certified Network Associate Security LAB MANUAL UniNets CCNA LAB MANUAL

CCNA 1 Final Exam Answers UPDATE 2012 eg.2

Laboration 2 Troubleshooting Switching and First-Hop Redundancy

Laboration 1 Examine the Topology and Basic Troubleshooting Commands

Interconnecting Cisco Networking Devices: Accelerated

Lab Exploring Cisco IOS and Configuring Basic Switch Settings

Lab 1-2Connecting to a Cisco Router or Switch via Console. Lab 1-6Basic Graphic Network Simulator v3 Configuration

Lab Configuring Per-Interface Inter-VLAN Routing (Instructor Version)

Lab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)

Cisco Network Academy CCNA 1 Introduction to Networks

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Configuring PPP over Ethernet with NAT

1. Which OSI layers offers reliable, connection-oriented data communication services?

Lab - Configuring a Switch Management Address

Chapter 3 Lab 3-1, Assembling Maintenance and Troubleshooting Tools

CCNA Access List Questions

Examsheets Questions and Answers

PT Activity 5.6.1: Packet Tracer Skills Integration Challenge Topology Diagram

Lab : Challenge OSPF Configuration Lab. Topology Diagram. Addressing Table. Default Gateway. Device Interface IP Address Subnet Mask

Lab - Troubleshooting Connectivity Issues

MiPDF.COM. 3. Which procedure is used to access a Cisco 2960 switch when performing an initial configuration in a secure environment?

Lab Troubleshooting Basic PPP with Authentication Topology

Configuring Layer 3 Interfaces

CISCO EXAM QUESTIONS & ANSWERS

Lab Configuring 802.1Q Trunk-Based Inter-VLAN Routing (Instructor Version Optional Lab)

Lab Configuring Port Address Translation (PAT) (Instructor Version)

CCNP TSHOOT. Quick Reference Sheet Exam

Skills Assessment. CCNA Routing and Switching: Connecting Networks. Topology. Assessment Objectives. Scenario

PT Activity: Configuring a Zone-Based Policy Firewall (ZPF)

Lab - Designing and Implementing a Subnetted IPv4 Addressing Scheme

Lab 6: Access Lists. Device Interface IP Address Subnet Mask Gateway/Clock Rate Fa 0/ R1

Preview Test: cis191_chap1_quiz

Note that you can also use the password command but the secret command gives you a better encryption algorithm.

Configuring DHCP Features and IP Source Guard

Chapter 8: Lab B: Configuring a Remote Access VPN Server and Client

SkillsUSA 2013 Contest Projects Internetworking

Skills Assessment (OSPF) Student Training Exam

Configuring HSRP. Global Knowledge Training LLC L5-1

Cisco ASA 5500 LAB Guide

Lab - Configuring Basic DHCPv4 on a Router (Solution)

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 9-1 Port Security Global Settings window

Cisco CCNA (ICND1, ICND2) Bootcamp

CCNA2 Chapter 1 Practice

Lab Configuring Port Address Translation (PAT) Topology

CCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, ,

Cisco Certified Network Associate ( )

CCNA Exploration Network Fundamentals

Transcription:

CyberPatriot Packet Tracer Tool Kit https://www.uscyberpatriot.org/competition/training-materials/training-modules https://www.netacad.com/ http://www.uscyberpatriot.org/documents/training%20documents/cyberpatriot%20route _Switch_Packet%20Tracer%20Lab%20Review.pdf https://www.uscyberpatriot.org/documents/training%20documents/cisco%20networking %20Training%20WebExs.pdf http://rdmills.aurorak12.org/packet-tracer-information/ https://www.netacad.com/c/portal/saml/sso?entityid=http://150566673.netacad.com/saml2 &RelayState=/courses/587813.Vocabulary: CHECK MODULE 5 and 15 Unicast: sends packet from 1 host to another host Broadcast: sends packet from 1 host to all hosts on a network Multicast: sends a packet from 1 host to a specific set of hosts NVD: National Vulnerability Database(website) How to do this: VTY password of c1$c0 (where 0 is the number zero) - - Disable unused ports. IP Addressing HOW TO SET DEFAULT GATEWAY

(switch) To configure default gateway, type, ip default-gateway (specified address) To save the running configuration to the startup configuration, type, copy running-config startup-config in priviledged EXEC mode. How to assign an ipv4 address (router) In global configuration mode, in order to assign the ip address to a certain port, type, interface (then specified port) Once in that port s configuration mode, type, ip address (then specified ip address WITH Subnet Mask) ( For SERVERS and END DEVICES) Find your way to the IP configuration tab(no command line) Type in the specified ip address(es) How to assign an ipv6 address (ROUTER) In global Configuration mode, type, ipv6 unicast-routing *NOTE: This allows for ipv6 packets to be forwarded. For congifuring the ipv6 address on a certain port, enter said port s configuration mode, then type, ipv6 address (then specified ipv6 address) After, do the same thing, except with the link local address. Format: the same, but the ipv6 address is replaced with the ipv6 link-local address, and the link-local is at the end. Example, ipv6 address FE80 : : 1 link-local (SERVERS) Find your way to the IP configuration tab(no command line) *NOTE IPv6 Gateway refers to the link-local address.

(HOSTS) Find your way to the IP configuration tab(no command line) How to find the subnet Find the difference between the binary forms of the ip address and the subnet mask. How to Verify ip addressing (PC s) go to the command Prompt in the desktop tab, and type, ipconfig /all for ipv4, and, ipv6config /all for ipv6 Subnet Mask guide with wildcards

General Knowledge Type, enable to enter privileged EXEC mode. From there, you can type, show running-config to show current configurations How to access simulation tab Bottom right corner Configuration modes 1. Terminal is the default(press, enter to enter this configuration mode, OR type, configure terminal Terms of simulation tab

How to configure a port From global configuration mode, type, interface (then specified port) NOTE: The same rule applies to switch vlan s. How to assign host name In terminal configuration mode, type, hostname (specified name) How to document the network 1. How to assign ports 1. How to configure remote management access Ip default Gateway is ip address.1(3 octets,.1 as the last octet. This is gateway to ISP) How to configure SSH version 2 1. How to assign VLANs How to disable all other unused ports 1. How to configure inter-vlan routing What is a Case-sensitive name? What is an address space?

What devices should have OSPF? What does NAT do? NAT: network address translation Lets multiple hosts connect thorugh the internet through the same ip address. Keeps port numbers attack What is FTP? File Transfer Protocol: What is ICMP? ICMP allows for end devices to ping each other NOTE: Usually used with the ping command, since it is such a small packet.(1 byte) What is TCP? Transmission control protocol, which means that What is ACL? ACL: Access Control List(who can do what[read, write and delete]) What is STATIC NAT? How to ping other devices Type, ping then the ip address to ping Pinging gives a response from the other host, website, etc;. How to use SSH How to configure access ports How to create VLANs How to configure 1 statement standard ACL #1

What is DYNAMIC NAT? What is a PAT? Port address translation Maps multiple address using different port Understanding NAT What is an NIC? Network interface controller: What is the DHCP? Dynamic Host configuration protocol: admin does not have to manually assign ip addresses. What is a Subinterface? What s an ISP network? Internet service provider(at&t) Class C subnet mask: /24 Class B subnet mask: /16 Class A subnet mask: /8

Port Security HOW TO CONFIGURE PORT SECURITY ON FAST ETHERNET PORTS HOW TO CONFIGURE PORT SECURITY Go to the interface configuration mode of the port, then type, switchport mode access to access the interface, then type, switchport port-security to enable port security. To disable unused ports, use the, shutdown when configuring the port s interface. When changing multiple ports, use the, interface range (specified module/first number-last number) global configuration command. HOW TO CONFIGURE DHCP(Refer to chapter 10.1.2.1) To enable DHCP snooping for the switch, type, ip dhcp snooping, and for a specific VLAN, type, ip dhcp snooping vlan (specified number) To define a trusted port, go to the ports interface configuration mode and type, ip dhcp snooping trust NOTE:trusted ports source ALL DHCP messages, untrusted can only source requests. An untrusted port is a port not specified as trusted. To name a DHCPv4 Pool, type, ip dhcp pool (then specified name) in global configuration mode ON A ROUTER!!!! HOW TO CONFIGURE MAC ADDRESSES

NOTE: there is a static secure MAC address(manually added to configuration file), dynamic secure MAC address(automatically added, but temporary) and sticky secure MAC address(added automatically to configuration file, or manually.) On a particular port, to change a dynamic MAC address to a sticky MAC address, type, switchport port-security mac-address sticky to the interface configuration mode. Type the same command with the specified MAC address on the end to convert those MAC addresses to sticky. To remove sticky MAC addresses from the configuration file, type, no switchport port-security mac-address sticky. To set the maximum limit of MAC addresses on a port, type, switchport port-security maximum (then specified number) VIOLATION MODES PROTECT This mode makes no notification of violation(or there being an unrecorded MAC address and not enough space to record it), but rather stops the unknown MAC address from sending packets. To change to this mode type, switchport port-security violation protect RESTRICT This mode is like the protect mode, but it sends a SYSLOG MESSAGE when there is a security violation. To change to this mode on a switch port, type, switchport port-security violation restrict SHUTDOWN This mode turns of the port LED and makes it error-disabled from a violation. If this happens, to reset it type, shutdown, then no shutdown. NOTE: this mode is default on switch ports!!!

To change to this mode on a switch port, type, switchport port-security violation shutdown Switch Security go to chapter 2.3.2.4 How to configure SVI(switch virtual interface) In global configuration mode, type, interface vlan 1 NOTE: vlan 1 is the actual SVI NOTE 2: Just type, ip address to assign the ipv4 address. Enable SVI by using the command, no shutdown How to set a password to the console line(this locks the command line if exitted, so REMEMBER THIS PASSWORD) From terminal configuration mode, type, line console (then specified number) The next line should say config-line in the parenthesis Then, type, password (specified password) After, type, login DONE! To check, exit terminal configuration mode by typing, exit There should be a line asking for a password How to set a password for the privileged mode(there should be a # in front of the host name) Enter terminal configuration mode

Type, enable password then (specified password) Then exit configuration mode How to configure an encrypted password for privileged mode Enter terminal configuration mode Type, enable secret (then specified encrypted password) The type, exit NOTE: This overrides the usual privileged mode access password. If both are set, you have to use the specified password from now on) How to encrypt a password(enable and console passwords) *NOTE: The plain text passwords shown when checking the configuration are not encrypted! Enter terminal configuration mode Type, service password-encryption then enter Exit configuration mode How to assign an MOTD banner(message Of The Day) Enter terminal configuration mode Type, banner motd (then in quotation marks the specified message) Then exit configuration mode How to save all of these configurations From the privileged EXEC mode(with this symbol #), type, copy running-config startup-config Trunking: Puts 2 separate network together How to configure SSH(REFER To RSE Chapter 2.2.1.1) First, it must have a hostname and network connectivity settings. Type, show ip ssh to see if the switch allows SSH. Then, in global configuration mode, type, ip domain-name (then specified domain name) to

NOTE: to configure SSH version 2, type, ip ssh version 2 global configuration command. NOTE: Creating an RSA key pair automatically enables SSH. Type, crypto key generate rsa to start an ssh server on the switch. You will be prompted to enter a bit(modulus) length. Recommended: 1024 bits. HOW TO DISABLE SSH: use this command in global configuration mode, crypto key zeroize rsa. This deletes the RSA key pair and disables SSH. HOW TO CONFIGURE USER AUTHENTICATION: type, username (designated username) secret (designated password). Typed in global configuration mode. HOW TO ENABLE SSH ON VTY LINES: type, transport input ssh in line configuration mode. To get there, type, line vty(designated line number) in global configuration mode. Type, login local to require a login for ssh connections. NOTE: if the information shown from show ip ssh command shows that the switch supports ssh version 1.99, then the switch supports both versions of ssh. TEST ON RSE CHAPTER 2.2.1.2 VLAN Security VLAN configuration To set an ip address, type, ip address in the vlan configuration mode To get to a vlan s configuration mode, type interface vlan (then specified vlan number) from global configuration mode. VLAN numbers 1-1005 are normal ranged vlans. Used for small-medium sized businesses.

Packet Guiding How to capture a syslog message How to configure a default route to the internet How to keep addresses from being sent to devices How to configure backup route How to configure primary route How to configure summary routes How to configure static routes How to record MAC addresses UNKNOWN COMMANDS REFER TO RSE Chapter 2.2.4.8 for NTP configuration REFER TO RSE Chapter 1.

How to configure OSPF process ID 1 1. How to configure a network statement How to disable OSPF How to implement NAT How to Configure an ACL(access control list) to permit FTP and ICMP(RSE CHAPTER 9 PACKET TRACER MODULE) 1. From global configuration mode, enter this, (space) access-list(space)?... This shows 2. Add first number of EXTENDED access list, followed by a question mark(in between list and the?) 3. To permit FTP traffic, enter, permit in between the number and the question mark, with spaces. A list of Protocols will be shown 4. If FTP is not permitted, then add, tcp between permit and the question mark, since FTP uses TCP 5. NOTE: There is a space between everything, including the question mark! 6. Then, enter specified network address 7. Find mask of the wildcard (take the binary opposite of the subnet mask) 8. Then, on top of everything else, add the mask onto the end of the command, including the network 9. For a single destination, enter host after the wildcard, then the destination s ip address. 10. To display options, enter eq before the questionmark 11. Then, type ftp and enter, WITH NO QUESTION MARK!

How to configure static NAT for the File server How to Configure DYNAMIC NAT How to configure a PAT How to create a DHCP Pool How to configure DHCP to give default gateway How to create a DHCP client How to configure OSPF v1 How to configure OSPF v2 Link-State Protocol: How to configure OSPF v3 How to configure VTY to only accept SSH RSA key-pair configuration OSPF : Open Shortest Path Protocol

DOCUMENTATION Troubleshooting(Chapter 7.3.2.9) [RSE CHAPTER 2.1.2] Ip addressing Vlan and Port Assignments

Filling in the Blanks Subnetting(Chapter 8) What does it do? Subnetting reduces overall network traffic and improves network performance. Subnetting determines the number of hosts on a network using an ip address and the subnet mask. Add a number at the host portion of the subnet mask starting from left to right to change the subnet mask. Every bit changed starting from left to right CONSECUTIVALEY, will add another exponent to the number 2. The resulting number will be the number of subnetworks made. The number of host bits left (as the exponent of 2)minus the number of changed bits(as the exponent of 2) equals the number of available hosts and what addresses they are located in. (Host bits mulatiplied by the number of subnets determines their locations. In other words: 2^n-2=number of hosts on a subnet, 2^n=number of subnets created, and look at the position of the last one in the subnet mask in order to find the number each subnet goes up by. NOTE: Subnet mask stays the same for all subnets. Last network in the network address is the broadcast address AND the ip address(ipv4) and the subnet mask to get the network address How to make 2 equal sized subnets with the same mask: only borrow 1 host bit!

USE CHAPTER 11!!! Windows Server 2008 checklist: https://ca-cyberhub.org/images/resources/checklist_-_server2008_-_ Marlow_High_School.pdf Verification PORT SECURITY Type, show port-security interface (specified full port name and number) To show all secure MAc addresses, type, show port-security address If the port is shutdown, document the threat and eliminate the threat before the port is re-enabled. VLAN ASSIGNMENTS NAT TRANSLATIONS

OSPF REMOTE ACCESS SSH REFER TO RSE Chapter 2.2.1.3 Switch To look at the statuses of interfaces, type, show ip interface brief in priviledged EXEC mode. REFER to RSE Chapter 2.1.2.4 for switch port verification

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback