Guided Practice - Network Security

School: ECPI University, Virginia Beach
Course: 120
Subject: Computer Science
Date: Feb 20, 2024
Type: docx
Pages: 23
Uploaded by MinisterPower10030

In this practice, you will continue working with your subnetted small network. You will use Packet Tracer in this practice.

Task 1 – Moving to a fiber connection to the Internet

We will be moving from a cable connection to the Internet to a fiber connection. Delete the coaxial splitter and cable modem. Connect the fiber repeater to G0/0/1 of your router.

Take a screenshot of your router connected to the fiber repeater. Next, go to PC2 and ping the Internet Server. We should get a successful ping showing we have connectivity to the Internet with our new fiber connection. Take a screenshot.

Deliverables for Task 1
  • Screenshot of your router connected to the fiber repeater.
  • Screenshot of a successful ping from PC2 to the Internet Server.

Task 2 – Password Protect the Router and Switches

In this task you will be password protecting your router and both switches. There are several passwords we can set on a switch and router:
  • console password
  • auxiliary password
  • VTY password
  • enable password
  • enable secret password

Let’s start by setting the console password for your router and switches. A console password will require the user to input a password when accessing the system console. Let’s console into the router from the PC. We are able to console into the router because no console password is set.

Let’s set the console password to cisco. Then let’s force the system to prompt us for the console password.

Let’s now log out by typing exit three times, then go back in and hit the Enter key. You should now be prompted for the console password. Follow the same steps for your switches and take screenshots of each.

Now let’s type in the console password of cisco and then enable to enter the system once again.

We are now going to set the auxiliary password for the auxiliary port of the router. This port is most commonly used as a backup to the console port, but can also be used as a dial-up port for remote management and other functions. Take a screenshot.

Next we will configure the VTY “lines”. VTY stands for Virtual Teletype and is what we use to log in remotely to a switch or router. Let’s first create a user on the router and switches, name it student and give it a password of class. Now let’s set the VTY lines to use the account we just created instead of setting a password, and to allow both Telnet and SSH (both remote login protocols) access. Follow the same steps for your switches and take screenshots of each.

Finally, we are going to set the enable and enable secret passwords. The main difference between enable and enable secret is encryption. With enable, the password that you give is stored in a plain text format and is not encrypted. With enable secret, the password is encrypted. Follow the same steps for your switches and take screenshots of each.

Let’s take a look at these two passwords in our running-configuration. You’ll notice you can see the enable password, but the enable secret password has been encrypted.

Let’s use another command to encrypt our enable password and all other passwords on the system. Follow the same steps for your switches. Let’s take a look at our running-configuration again. This time both passwords should be encrypted, as well as all other passwords on the system.

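As an added example (not part of the original lab or its screenshots), the Python sketch below audits a running-config for the credential settings Task 2 touches. The two config excerpts are constructed with placeholder secrets; the check relies on the fact that service password-encryption produces type 7 entries, which are a reversible encoding, whereas enable secret stores a one-way hash.

```python
import re

# Constructed running-config excerpt; passwords and hashes are placeholders.
BEFORE = """\
enable secret 5 <md5-hash-placeholder>
enable password cisco
username student password class
line con 0
 password cisco
 login
line vty 0 4
 login local
 transport input telnet ssh
"""
# Same config after "service password-encryption": clear-text entries become type 7.
AFTER = "service password-encryption\n" + re.sub(
    r"password (?!7 )\S+$", "password 7 <type7-placeholder>", BEFORE, flags=re.M)

PW = re.compile(r"^(enable password|username \S+ password|password) (?:(\d+) )?\S+$")

def audit(config):
    """Return sorted (finding, location) pairs for weak credential settings."""
    lines = config.splitlines()
    findings, section = set(), ""
    if not any(l.startswith("enable secret ") for l in lines):
        findings.add(("no-enable-secret", "global"))
    for line in lines:
        text = line.strip()
        if not line.startswith(" "):
            section = text                      # an unindented line opens a new section
        m = PW.match(text)
        if m:
            where = section if m.group(1) == "password" else m.group(1)
            kind = m.group(2) or "0"            # no type digit means stored in clear text
            if kind == "0":
                findings.add(("plaintext-password", where))
            elif kind == "7":
                findings.add(("reversible-type7", where))
        words = text.split()
        if section.startswith("line vty") and words[:2] == ["transport", "input"]:
            if {"telnet", "all"} & set(words[2:]):
                findings.add(("telnet-enabled", section))
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(cfg))
```

The "after" run still reports every password line, now as type 7, and Telnet on the VTY lines is flagged in both runs because it carries the login in clear text.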
Deliverables for Task 2
  • Screenshot of console password set on the router and both switches.
  • Screenshot of auxiliary password set on the router.
  • Screenshot of VTY configured on the router and both switches.
  • Screenshot of enable and secret password on the router and switches.

Task 3 – Port Security

a) Port Security
   i) You will be implementing port security on your switches. This will make it so only authorized systems can be connected to your network and will shut down a switchport where someone is trying to attach an unauthorized device.
   ii) You can either manually enter the MAC addresses for valid systems or let the system dynamically learn the MAC addresses. Either way you are giving the switch the only valid systems that can be connected to your network.
   iii) When configured with a MAC address, or group of MAC addresses, the switch will forward only packets for these devices. Any other packets received will be discarded.
b) Securing the port manually.
   i) On the PC, open a command prompt. At the command prompt, type ipconfig /all to determine your MAC address. The MAC address will look like this: XXXX.XXXX.XXXX. This is the Physical Address below.
c) Connect the PC to the console port on S1 and enter the following lines. Replace the MAC address below with the MAC address of your PC.
d) Add another PC beside the PC and move the straight-through cable to the new PC. This is the equivalent of someone disconnecting the PC and connecting a new PC in order to access your network.
e) Attempt to pull a DHCP address to the new PC by switching from a static address to DHCP. Notice that you did not get an IP address and that your network connection is now disabled. Take a screenshot.
f) Switch the straight-through cable back to your PC. To restore service to PC1, you must issue a shutdown and then a no shutdown on the affected port of S1. Your PC should now be operational on the network once again.
g) Now we’re going to place dynamic port security on S2. Console to your S2 switch and add the following:
h) Place a new PC beside PC2 and move the straight-through cable to the new PC. Try to pull a new IP address on the new PC. What happens?
   The computer does update the DHCP address for the new PC.
i) Plug the straight-through cable back into PC2 and pull a new DHCP address. What happens?
   The DHCP address does not show up and shows APIPA is being used instead.

Deliverables for Task 3
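Looking back at the Task 3 steps, the following Python model is an added example, not part of the lab or of Cisco's software. It replays the cable swap against a port with a manually configured MAC, a sticky-learned MAC, and a plain dynamically learned MAC. It assumes the IOS defaults of one secure MAC and violation mode shutdown, and that plain dynamic entries are dropped when the link goes down; the MAC addresses are constructed.

```python
class SecurePort:
    """Simplified model of an IOS access port with port security enabled,
    maximum 1 secure MAC and violation mode 'shutdown' (the defaults)."""

    def __init__(self, mode, static_mac=None):
        assert mode in ("static", "sticky", "dynamic")
        self.mode = mode
        self.secure = {static_mac} if mode == "static" else set()
        self.err_disabled = False

    def link_down(self):
        # Assumption of this model: plain dynamic entries are forgotten when the
        # link drops; static and sticky entries live in the config and survive.
        if self.mode == "dynamic":
            self.secure.clear()

    def frame(self, src_mac):
        """Return True if a frame from src_mac is forwarded."""
        if self.err_disabled:
            return False
        if src_mac in self.secure:
            return True
        if not self.secure and self.mode != "static":
            self.secure.add(src_mac)            # first MAC seen becomes the secure MAC
            return True
        self.err_disabled = True                # violation: port goes err-disabled
        return False

    def bounce(self):
        """Administrator issues shutdown then no shutdown on the interface."""
        self.link_down()
        self.err_disabled = False

def cable_swap(port, first, second):
    """Attach `first`, move the cable to `second`, then move it back."""
    results = []
    for mac in (first, second, first):
        results.append(port.frame(mac))
        port.link_down()
    return results

# Constructed MAC addresses in the XXXX.XXXX.XXXX form the lab shows.
PC, NEW_PC = "0001.0001.0001", "0002.0002.0002"
```

In this model a learned entry protects whichever device the port saw first, so it is worth checking the learned MAC against the expected one before relying on it.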
  • Screenshot of PC disabled due to Port Security.
  • Answer first question.
  • Answer second question.

Task 4 – Configuring dynamic routing with RIP and OSPF

In this task we will move from static routing to dynamic routing. First we will configure RIPv2 and then OSPF. We won’t need to configure these two dynamic routing protocols on the Internet Router as it is already configured with both protocols. Let’s console into your router from the PC.

To configure RIPv2 for your router, enter the following on your router (keep in mind the third octet will be your assigned number for 192.168.50.0):

Now let’s take a look at the router’s routing table with a show ip route command. Take a screenshot:

The entry we want to focus on here is the one that starts with R. This is the network the Internet Server belongs to, and we just learned how to get to it via RIPv2. Let’s go ahead and remove our static default route and then make sure we can ping the Internet Server using RIPv2.

Let’s now ping from the PC to the Internet Server, this time with no static default route and only with RIPv2 for our routing. Take a screenshot:

Now let’s shift our focus to OSPF. Configuring OSPF is a bit different than RIPv2 as it uses areas and wildcard masks. Make the following OSPF configurations on your router (keep in mind the third octet will be your assigned number):

Here we’ve placed our user network in area 2, the network between our router and the Internet Router in area 1, and the network that the Internet Server belongs to in area 1. Now again let’s take a look at the router’s routing table with a show ip route command. Take a screenshot:

j) Why don’t we see RIP (R) anymore for the 11.1.1.0/24 network in our router’s routing table and only OSPF (O IA)? What does the IA stand for?
   The IA stands for OSPF inter area.

This time we see the network the Internet Server belongs to with an O IA, indicating our router has learned how to get to it via OSPF. Let’s again ping from the PC to the Internet Server, this time with only OSPF for our routing. Take a screenshot:

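The change from an R entry to an O IA entry for 11.1.1.0/24 comes down to route selection. The added Python sketch below (not part of the lab) models a routing table that uses the longest matching prefix and, among sources offering the same prefix, the lowest administrative distance, with the Cisco IOS default distances. The server host address 11.1.1.10 is constructed, and the sequence replays the Task 4 steps.

```python
import ipaddress

# Cisco IOS default administrative distances (lower is preferred).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "ospf": 110, "rip": 120}

class Rib:
    """Minimal routing table: one best source per prefix, longest-prefix lookup."""

    def __init__(self):
        self.offers = {}                        # prefix -> set of sources offering it

    def learn(self, prefix, source):
        self.offers.setdefault(ipaddress.ip_network(prefix), set()).add(source)

    def withdraw(self, prefix, source):
        net = ipaddress.ip_network(prefix)
        self.offers.get(net, set()).discard(source)
        if not self.offers.get(net):
            self.offers.pop(net, None)          # no source left: prefix leaves the table

    def installed(self):
        """Per prefix, the source with the lowest administrative distance."""
        return {str(n): min(s, key=ADMIN_DISTANCE.get) for n, s in self.offers.items()}

    def lookup(self, dest):
        """Source of the route used for dest: most specific prefix, then lowest AD."""
        addr = ipaddress.ip_address(dest)
        hits = [n for n in self.offers if addr in n]
        if not hits:
            return None
        best = max(hits, key=lambda n: n.prefixlen)
        return min(self.offers[best], key=ADMIN_DISTANCE.get)

def lab_sequence(server="11.1.1.10"):           # host address is constructed
    """Replay Task 4: static default, add RIPv2, drop the static route, add OSPF."""
    rib, used = Rib(), []
    rib.learn("0.0.0.0/0", "static")
    used.append(rib.lookup(server))
    rib.learn("11.1.1.0/24", "rip")
    used.append(rib.lookup(server))
    rib.withdraw("0.0.0.0/0", "static")
    used.append(rib.lookup(server))
    rib.learn("11.1.1.0/24", "ospf")
    used.append(rib.lookup(server))
    return used
```

RIP keeps advertising 11.1.1.0/24 after OSPF is configured; its route is simply not installed while a source with a lower distance offers the same prefix.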
Deliverables for Task 4
  • Screenshot of your router’s show ip route showing 11.1.1.0/24 learned via RIPv2.
  • Successful ping to the Internet Server from your PC after configuring RIPv2.
  • Screenshot of your router’s show ip route showing 11.1.1.0/24 learned via OSPF.
  • Answer the question.
  • Successful ping to the Internet Server from your PC after configuring OSPF.