En RSSE SkillsAssessment-Student Exam CCNA2

CCNA: Routing and Switching Essentials

Skills Assessment Assessment – Student Training Training Exam Topology

Assessment O!ecti"es #art $: %nitiali&e 'e"ices (8 points, 5 minutes) #art (: Con)igure 'e"ice *asic Settings (28 points, 30 minutes) #art +: Con)igure Switch Security, -.ANs, and %nter/-.AN Routing (14 points, 15 minutes) #art 0: Con)igure OS#1"( 'ynamic Routing #rotocol (24 points, 25 minutes) #art 2: %mplement '3C# and NAT (13 NAT (13 points, 25 minutes) #art 4: Con)igure and -eri)y Access Control .ists 5AC.s6 (13 points, 25 minutes)

© 2013 2013 Cisco Cisco and/or and/or its affil affiliat iates. es. All All ri! ri!ts ts reser" reser"ed. ed. #!is #!is docu documen mentt is is Cisc Cisco o $u%l $u%lic. ic.

$ae $ae $ of $+


SA Exam

Scenario &n t!is 'ills Assessment ('A) ou *ill confiure a small net*or. +ou *ill confiure routers, s*itc!es, and $Cs to support &$"4 connecti"it, s*itc! securit, and inter -A routin. +ou *ill t!en confiure t!e de"ices *it! '$"2, C$, and dnamic and static A#. Access control lists (AC-s) *ill %e applied for added securit. +ou *ill test and document t!e net*or usin common C-& commands t!rou!out t!e assessment.

Re7uired Resources •

3 outers (Cisco 141 *it! Cisco &' elease 15.2(4)3 uni"ersal imae or compara%le)

•

2 '*itc!es (Cisco 260 *it! Cisco &' elease 15.0(2) lan%ase imae or compara%le)

•

3 $Cs (7indo*s , ista, or 9$ *it! terminal emulation proram, suc! as #era #erm)

•

Console ca%le to confiure t!e Cisco &' de"ices "ia t!e console ports

•

:t!ernet and 'erial ca%les as s!o*n in t!e topolo

#art $: %nitiali&e 'e"ices Total points: 8 Time: 2 minutes

Step $: %nitiali&e and reload the routers and switches9 :rase t!e startup confiurations reload t!e de"ices. ;efore proceedin, !a"e our instructor "erif de"ice initiali
%OS Command

#oints

:rase t!e startup=confi file on all routers.

1> points (> point per router)

eload all routers.

1 > points (> point per router)

:rase t!e startup=confi file on all s*itc!es and remo"e t!e old -A data%ase.

2 points (1 point per s*itc!)

eload %ot! s*itc!es.

2 points (1 point per s*itc!)

erif -A data%ase is a%sent from flas! on %ot! s*itc!es.

1 point (> point per s*itc!)

%nstructor Sign/o)) #art $:  #oints:  o) 8

© 2013 Cisco and/or its affiliates. All ri!ts reser"ed. #!is document is Cisco $u%lic.

$ae ( of $+


SA Exam

#art (: Con)igure 'e"ice *asic Settings Total points: (8 Time: +; minutes

Step $: Con)igure the %nternet #C9 Confiuration tass for t!e &nternet $C include t!e follo*in (efer to #opolo for &$ address information)? Con)iguration %tem or Task

Speci)ication

#oints

&$ Address

(1/2 point)

'u%net as

(1/2 point)

efault @ate*a

20.165.200.225

Note? &t ma %e necessar to disa%le t!e $C fire*all for pins to %e successful later in t!is la%.

Step (: Con)igure R$9 Confiuration tass for 1 include t!e follo*in? Con)iguration %tem or Task

Speci)ication

isa%le ' looup

#oints (1/2 point)

outer name

1

(1/2 point)

:ncrpted pri"ileed eec pass*ord

class

(1/2 point)

Console access pass*ord

cisco

(1/2 point)

#elnet access pass*ord

cisco

(1/2 point)

:ncrpt t!e clear tet pass*ords # %anner

(1/2 point) Bnaut!ori
(1/2 point)

'et t!e description &nterface '0/0/0

'et t!e -aer 3 &$"4 address. Bse t!e first a"aila%le address in t!e su%net.

(1/2 point)

'et t!e clocin rate to 128000 Acti"ate &nterface efault route

Confiure a default route out '0/0/0.

Note? o not confiure @0/1 at t!is time.

Step +: Con)igure R(9 Confiuration tass for 2 include t!e follo*in?


$ae + of $+

(1/2 point)


SA Exam

Con)iguration %tem or Task

Speci)ication


#oints (1/2 point)

outer name

2

(1/2 point)


class

(1/2 point)


cisco

(1/2 point)


cisco

(1/2 point)

:ncrpt t!e clear tet pass*ords

(1/2 point)

:na%le ##$ ser"er

(1/2 point)

# %anner

Bnaut!ori
(1/2 point)


'et t!e -aer 3 &$"4 address. Bse t!e net a"aila%le address in t!e su%net.

(1 point)

Acti"ate &nterface 'et t!e description &nterface '0/0/1


(1 point)

'et clocin rate to 128000 Acti"ate &nterface 'et t!e escription &nterface @0/0 ('imulated &nternet)


(1 point)

Acti"ate &nterface &nterface -oop%ac 0 ('imulated 7e% 'er"er)

'et t!e description.

efault route

Confiure a default route out @0/0.

'et t!e -aer 3 &$"4 address.

Step 0: Con)igure R+9 Confiuration tass for 3 include t!e follo*in?


$ae 0 of $+

(1/2 point) (1/2 point)


SA Exam


Speci)ication


#oints (1/2 point)

outer name

3

(1/2 point)


class

(1/2 point)


cisco

(1/2 point)


cisco

(1/2 point)


(1/2 point)


'et t!e -aer 3 &$"4 address. Bse t!e net a"aila%le address in t!e su%net.

(1/2 point)

Acti"ate &nterface &nterface -oop%ac 4


(1/2 point)

&nterface -oop%ac 5


(1/2 point)

&nterface -oop%ac 6


(1/2 point)

efault route

Confiure a default route out '0/0/1.

(1/2 point)

Step 2: Con)igure S$9 Confiuration tass for '1 include t!e follo*in? Con)iguration %tem or Task

Speci)ication


#oints (1/2 point)

'*itc! name

'1

(1/2 point)


class

(1/2 point)


cisco

(1/2 point)


cisco

(1/2 point)


Step 4: Con)igure S+ Confiuration tass for '3 include t!e follo*in?


$ae 2 of $+

(1/2 point)


SA Exam


Speci)ication


#oints (1/2 point)

'*itc! name

'3

(1/2 point)


class

(1/2 point)


cisco

(1/2 point)


cisco

(1/2 point)


(1/2 point)

Step <: -eri)y network connecti"ity9 Bse t!e ping command to test connecti"it %et*een net*or de"ices. Bse t!e follo*in ta%le to met!odicall "erif connecti"it *it! eac! net*or de"ice. #ae correcti"e action to esta%lis! connecti"it if a test fails? 1rom

To

%# Address

#ing Results

#oints

1

2, '0/0/0

(1/2 point)

2

3, '0/0/1

(1/2 point)

&nternet $C

efault @ate*a

(1/2 point)

Note? &t ma %e necessar to disa%le t!e $C fire*all for pins to %e successful. %nstructor Sign/o)) #art (:  #oints:  o) (8

#art +: Con)igure Switch Security, -.ANS, and %nter -.AN Routing Total points: $0 Time: $2 minutes

Step $: Con)igure S$9 Confiuration tass for '1 include t!e follo*in?


$ae 4 of $+



SA Exam

Speci)ication

#oints

Create t!e -A data%ase

Bse #opolo -A De ta%le to create and name eac! of t!e listed -A'.

(1 point)

Assin t!e manaement &$ address.

Assin t!e -aer 3 &$"4 address to t!e anaement -A. Bse t!e &$ address assined to '1 in t!e #opolo diaram.

(1/2 point)

Assin t!e default=ate*a

Assin t!e first &$ address in t!e su%net as t!e default=ate*a.

(1/2 point)

orce trunin on &nterface 0/3

Bse -A 1 as t!e nati"e -A.

(1/2 point)



(1/2 point)

Confiure all ot!er ports as access ports

Bse t!e interface rane command.

(1/2 point)

Assin 0/6 to -A 31

(1/2 point)

'!utdo*n all unused ports.

(1/2 point)

Step (: Con)igure S+9 Confiuration tass for '3 include t!e follo*in? Con)iguration %tem or Task

Speci)ication

#oints

Create t!e -A data%ase

Bse #opolo -A De #a%le to create eac! of t!e listed -A'. ame eac! -A.

(1 point)

Assin t!e manaement &$ address.

Assin t!e -aer 3 &$"4 address to t!e anaement -A. Bse t!e &$ address assined to '3 in t!e #opolo diaram.

(1/2 point)

Assin t!e default=ate*a

Assin t!e first &$ address in t!e su%net as t!e default=ate*a

(1/2 point)



Confiure all ot!er ports as access ports

Bse t!e interface rane command.

(1/2 point) (1/2 point)

Assin 0/18 to -A 33

(1/2 point)

'!utdo*n all unused ports.

(1/2 point)

Step +: Con)igure R$9 Confiuration tass for 1 include t!e follo*in?


$ae < of $+


SA Exam

Con)iguration %tem or Task Confiure 802.1E su%interface .31 on @0/1

Confiure 802.1E su%interface .33 on @0/1

Confiure 802.1E su%interface . on @0/1

Speci)ication

#oints

escription Accountin -A Assin -A 31.

(1 point)

Assin t!e first a"aila%le address to t!is interface. escription :nineerin -A Assin -A 33.

(1 point)

Assin t!e first a"aila%le address to t!is interface. escription anaement -A Assin -A .

(1 point)

Assin t!e first a"aila%le address to t!is interface.

Acti"ate &nterface @0/1

(1/2 point)

Step 0: -eri)y network connecti"ity9 Bse t!e ping command to test connecti"it %et*een t!e s*itc!es and 1. Bse t!e follo*in ta%le to met!odicall "erif connecti"it *it! eac! net*or de"ice. #ae correcti"e action to esta%lis! connecti"it if a test fails? 1rom

To

%# Address

#ing Results

#oints

'1

1, -A  address

(1/2 point)

'3

1, -A  address

(1/2 point)

'1

1, -A 31 address

(1/2 point)

'3

1, -A 33 address

(1/2 point)

%nstructor Sign/o)) #art (:  #oints:  o) $0

#art 0: Con)igure OS#1"( 'ynamic Routing #rotocol Total points: (0 Time: (2 minutes

Step $: Con)igure OS#1"( on R$9 Confiuration tass for 1 include t!e follo*in?


$ae 8 of $+


SA Exam


Speci)ication

#oints

'$ $rocess &

1

(1/2 point)

outer &

1.1.1.1

(1/2 point)

Bse classless net*or addresses Ad"ertise directl connected et*ors

Assin all directl connected net*ors to Area 0

'et all -A interfaces as passi"e

(1 point) (1 point)

C!ane t!e default cost reference %and*idt! to support @ia%it interface calculations

1000

'et t!e serial interface %and*idt!

128 D%/s

(1 point)

AdFust t!e metric cost of '0/0/0

Cost? 500

(1 point)

(1 point)

Step (: Con)igure OS#1"( on R(9 Confiuration tass for 2 include t!e follo*in? Con)iguration %tem or Task

Speci)ication

#oints


1

(1 point)

outer &

2.2.2.2

(1 point)

Bse classless net*or addresses Ad"ertise directl connected et*ors

Note: mit t!e @0/0 net*or.

'et t!e -A (-oop%ac) interface as passi"e

(1 point) (1 point)

C!ane t!e default cost reference %and*idt! to allo* for @ia%it interfaces

1000

'et t!e %and*idt! on all serial interfaces

128 D%/s

(1 point)

AdFust t!e metric cost of '0/0/0

Cost? 500

(1 point)

(1 point)

Step +: Con)igure OS#1"( on R+9 Confiuration tass for 3 include t!e follo*in?


$ae = of $+


SA Exam


Speci)ication

#oints


1

(1/2 point)

outer &

3.3.3.3

(1/2 point)

Bse classless net*or addresses Assin interfaces to Area 0 Ad"ertise directl connected et*ors

Bse a sinle summar address for t!e -A (loop%ac) interfaces.

'et all -A (-oop%ac) interfaces as passi"e

(1 point)

(1 point)

C!ane t!e default cost reference %and*idt! to support @ia%it interface calculations

1000

'et t!e serial interface %and*idt!

128 D%/s

(1 point) (1 point)

Step 0: -eri)y OS#1 in)ormation9 erif t!at '$ is functionin as epected. :nter t!e appropriate C-& command to disco"er t!e follo*in information? >uestion

Response

#oints

7!at command *ill displa all connected '$"2 routersG

(1 point)

7!at command displas a summar list of '$ interfaces t!at includes a column for t!e cost of eac! interfaceG

(1 point)

7!at command displas t!e '$ $rocess &, outer &, Address summari
(1 point)

7!at command displas onl '$ routesG

(1 point)

7!at command displas detail information a%out t!e '$ interfaces, includin t!e aut!entication met!odG

(1 point)

7!at command displas t!e '$ section of t!e runnin= confiurationG

(1 point)

%nstructor Sign/o)) #art +:  #oints:  o) (0

#art 2: %mplement '3C# and NAT )or %#"0 Total points: $+ Time: (2 minutes

Step $: Con)igure R$ as the '3C# ser"er )or -.ANs +$ and ++9 Confiuration tass for 1 include t!e follo*in?


$ae $; of $+


SA Exam


Speci)ication

#oints

eser"e t!e first 20 &$ addresses in -A 31 for static confiurations

(1 point)

eser"e t!e first 20 &$ addresses in -A 33 for static confiurations

(1 point) ame? ACC#

Create a C$ pool for -A 31

'='er"er? 10.10.10.11 omain=ame? ccna=s%a.com

(1 point)

'et t!e default ate*a. ame? :@ Create a C$ pool for -A 33

'='er"er? 10.10.10.11 omain=ame? ccna=s%a.com

(1 point)

'et t!e default ate*a.

Step (: Con)igure Static and 'ynamic NAT on R(9 Confiuration tass for 2 include t!e follo*in? Con)iguration %tem or Task Create a local data%ase *it! 1 user account

Speci)ication

#oints

Bsername? weuser $ass*ord? cisco$(+02

(1 point)

$ri"ilee le"el? $2

:na%le ##$ ser"er ser"ice

(1/2 point)

Confiure t!e ##$ ser"er to use t!e local data%ase for aut!entication

(1/2 point)

Create a static A# to t!e 7e% 'er"er

&nside @lo%al Address? (;=9$429(;;9((=

Assin t!e inside and outside interface for t!e static A#

(1 point) (1 point)

Access -ist? 1 Confiure t!e dnamic A# inside pri"ate AC-

efine t!e pool of usa%le pu%lic &$ addresses

Allo* t!e Accountin and :nineerin net*ors on 1 to %e translated.

(1 point)

Allo* a summar of t!e -As (loop%ac) net*ors on 3 to %e translated. $ool ame? %NTERNET $ool of addresses include?

(1 point)

(;=9$429(;;9((2 – (;=9$429(;;9((8

efine t!e dnamic A# translation

(1 point)

Step +: -eri)y '3C# and Static NAT9 Bse t!e follo*in tass to "erif t!at C$ and 'tatic A# settins are functionin correctl. &t ma %e necessar to disa%le t!e $C fire*all for pins to %e successful?


$ae $$ of $+


Test

SA Exam

Results

#oints

erif t!at $C=A acHuired &$ information from t!e C$ ser"er

(1/2 point)

erif t!at $C=C acHuired &$ information from t!e C$ ser"er

(1/2 point)

erif t!at $C=A can pin $C=C. (1/2 point)

Note? &t ma %e necessar to disa%le t!e $C fire*all Bse a 7e% %ro*ser on t!e &nternet $C to access t!e 7 e% ser"er (20.165.200.22). -oin *it! Bsername? weuser , $ass*ord? cisco$(+02

(1/2 point)

Note? erification of dnamic A# *ill %e performed in $art 6. %nstructor Sign/o)) #art (:  #oints:  o) $+

#art 4: Con)igure and -eri)y Access Control .ists 5AC.s6 Total points: $+ Time: (2 minutes

Step $: Restrict access to -T? lines on R(9 Con)iguration %tem or Task Confiure a named access list to onl allo* 1 to telnet to 2.

Speci)ication AC- ame? A'@%N/@T

#oints (2 points)

Appl t!e named AC- to t!e #+ lines

(1 point)

erif AC- is *orin as epected,

(1 point)

Step (: Secure the network )rom %nternet tra))ic9


$ae $( of $+


SA Exam


Speci)ication

Confiure an :tended AC- to? •

•

AC- o.? $;$

Allo* &nternet !osts 777 access to t!e simulated *e% ser"er on 2 % accessin t!e static A# address (20.165.200.22) t!at ou confiured in $art 3.

#oints (2 points)

$re"ent traffic from t!e &nternet from pinin internal net*ors, *!ile continuin to allo* -A interfaces to pin t!e &nternet $C.

Appl AC- to t!e appropriate interface(s)

(1 point)

erif AC- is *orin as epected

rom t!e &nternet $C? •

•

(1 point)

$in $C=A ($ins s!ould %e unreac!a%le.) $in $C=C ($ins s!ould %e unreac!a%le.)

rom 1, $in t!e &nternet $C ($ins s!ould %e successful.) Note? &t ma %e necessar to disa%le t!e $C fire*all for pins to %e successful.

Step +: Enter the appropriate C.% command needed to display the )ollowing: Command 'escription

Student %nput 5command6

#oints

ispla t!e matc!es an access=list !as recei"ed since t!e last reset.

(1 point)

eset access=list counters.

(1 point)

7!at command is used to displa *!at AC- is applied to an interface and t!e direction t!at it is applied

(1 point)

7!at command displas t!e A# translationsG

Note? #!e translations for $C=A and $C=C *ere added to t!e ta%le *!en t!e &nternet $C attempted to pin t!ese $Cs in 'tep 2. $inin t!e &nternet $C from $C=A or $C= C *ill not add t!e translations to t!e ta%le %ecause of t!e *a t!e &nternet is %ein simulated on t!e net*or.

7!at command is used to clear dnamic A# translationsG

(1 point)

%nstructor Sign/o)) #art 0:  #oints:  o) $+


(1 point)

$ae $+ of $+

En RSSE SkillsAssessment-Student Exam CCNA2

Recommend Documents