Print - CCNA Exploration 2 Chapter 1 Exam Answers _ CCNA Exam Answers - CCNA Exam - CCNA Exams
CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2...
Transcript of CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2...
![Page 1: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/1.jpg)
CCNA 200-301, Volume 2Chapter 5Securing Network Devices
![Page 2: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/2.jpg)
Objectives• Explain the Role of Network Components▫ Next-generation firewalls and IPS
• Configure network devices for remote access using SSH
• Configure device access control using local passwords
![Page 3: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/3.jpg)
Example Login Security Configuration
![Page 4: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/4.jpg)
Encryption and the service password-encryption Command
![Page 5: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/5.jpg)
Encryption Is Immediate; Decryption Awaits Next Password Change
![Page 6: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/6.jpg)
One-Way Nature of MD5 Hash to Create Secret
![Page 7: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/7.jpg)
Creation of the enable secret Command
![Page 8: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/8.jpg)
Timeline of Encryptions/Hashes of Cisco IOS Passwords
![Page 9: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/9.jpg)
Commands and Encoding Types for the enable secret Command Command Type Algorithm
enable [algorithm-type md5] secret password 5 MD5
enable algorithm-type sha256 secret password 8 SHA-256
enable algorithm-type scrypt secret password 9 SHA-256
![Page 10: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/10.jpg)
Cisco IOS Encoding Password “mypass1” as Type 9 (SHA-256)
![Page 11: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/11.jpg)
Commands and Encoding Types for the username secret Command
Command Type Algorithm
username name [algorithm-type md5] secret password
5 MD5
username name algorithm-type sha256 secret password
8 SHA-256
username name algorithm-type scrypt secret password
9 SHA-256
![Page 12: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/12.jpg)
vty Access Control Using the access-class Command
![Page 13: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/13.jpg)
Firewall as Positioned in the Packet Forwarding Path
![Page 14: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/14.jpg)
Allowing Outbound Connections and Preventing Inbound Connections
![Page 15: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/15.jpg)
Using Security Zones with Firewalls
![Page 16: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/16.jpg)
Using a DMZ for Enterprise Servers That Need to Be Accessible from theInternet
![Page 17: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/17.jpg)
IPS and Signature Database
![Page 18: CCNA 200-301, Volume 2cs3.calstatela.edu/~egean/cs4471/lecture-notes... · CCNA 200-301, Volume 2 Chapter 5 Securing Network Devices. Objectives • Explain the Role of Network Components](https://reader035.fdocuments.net/reader035/viewer/2022062611/612d4fe41ecc515869421c64/html5/thumbnails/18.jpg)
Next-Generation Firewall with Next-Generation IPS Module