SEC450 iLab3 Report
Initial Configuration ISP Router
ip address 22.214.171.124 255.255.255.0
ip address 126.96.36.199 255.255.255.0
ip address 188.8.131.52 255.255.255.0
ip address 184.108.40.206 255.255.255.0
line con 0
line aux 0
line vty 0 4
line vty 5 15
Note: RED text indicates the required questions to answer
Task to Set up Security Policy for Offsite Database Server
#1. Explain the meaning of the "three P's" best practice rule to create ACL in routers
#2. Explain the difference between the following two access-list commands
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any
#3. What are well-known, registered, and ephemeral UDP/TCP ports?
#4. What is wrong with ACL 105?
access-list 105 permit tcp any any
access-list 105 deny tcp host 220.127.116.11 any
#5. What well-known TCP port does Oracle Database (sql net) server use?
#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router securing that only responses from Oracle server to certain hosts are allowed to enter Dallas and Chicago LANs.
ISP network engineers decided to use extended ACL, and applies it to F0/0 interface in ISP router. Why did they decide to create an extended ACL and apply it in interface F0/0 for inbound traffic?
#7. Copy below ISP router’s initial running-config file from page 2, and add the commands needed to create and apply the ACL in the ISP router.
Answer all questions in this document and upload it in Week 3 iLab Dropbox.
|$10.00||no category||aj001||1 time(s)|