Packet Tracer - Skills Assessment v3 BHI & CAE ASSESSMENT COVER SHEET This form must be attached to the front of all submitted hard copy assessments. Student Details: Student to complete Student Name:...

2 answer below »
Hi, i need this assessment and the packet tracer file done, thanks


Packet Tracer - Skills Assessment v3 BHI & CAE ASSESSMENT COVER SHEET This form must be attached to the front of all submitted hard copy assessments. Student Details: Student to complete Student Name: Insert your name here Student ID : Insert your Student ID here Student Declaration: By signing below, I declare that the work submitted here is my own work and it does not include work which is plagiarised, copied in whole or in part from another student or other source such as published books, internet or journals without due acknowledgement in the text. Student Signature: Insert your Signature here Date: Insert the date you submitted this assessment Assessment Details: Teacher to complete Course National ID and Title 22334VIC Certificate IV in Cyber Security Unit/s National ID and Title VU21991 - Implement Network Security Infrastructure for an Organization Instructor Guide Assessment Task number and name Assessment Task 4: SBA Date due: Sunday after session 16 class Date submitted: Assessor Name: TBA Assessment Result and Feedback Result |_| Satisfactory |_| Not yet Satisfactory Re-submit date if required: Feedback: Assessor’s signature: Date: Assessment Review If you believe that you have been assessed unfairly, you have the right to request an informal assessment review. When your assessment cover sheet is returned to you, you can request an informal review by filling in the section below and returning it to your assessor or the Operations Manager of your area. If you are not satisfied with the outcome, you can apply for a formal review of assessment on the application form located on the Box Hill Institute Website https://goo.gl/Pb3Rtx VCE courses: VCAA rules and regulations replace the above assessment review. Please see your VCE Teacher or VCE Coordinator for further discussion. I request a review of my assessment for the following reasons (not applicable to VCE courses): Student Signature Date Instructions to Student Assessment task name Assessment Task 4: SBA Assessment task type Skills Demonstration Time allowed Week 14 - 16 in class Where the assessment will take place In timetabled classroom Personal protective equipment required N/A Emergency procedures Report Issues to Teacher or coordinators as appropriate Equipment provided PC on campus during class time Individual or group work Individual Support equipment allowed i.e.: calculator, dictionary All tools as appropriate for the assessment Context and conditions of assessment Assessment must be conducted in a safe environment where evidence gathered demonstrates consistent performance of typical activities experienced in the knowledge management – research field of work and include access to: · workplace information systems, equipment and resources · workplace policies and procedures · Case studies and, where possible, real situations. Assessors must satisfy NVR/AQTF assessor requirements. What to submit The completed report is to be submitted to StudentWeb under the Assessment Task 4: SBA How to submit Submit the completed document (this document) to the Assessment Task 4: SBA s section on StudentWeb. How to present your work Complete this word document and answer all questions in the spaces provided. The coversheet must be submitted when uploading to StudentWeb. How many attempts at assessment are permitted Students will be given 2 attempts to resubmit an assessment; additional attempts must be organized with teacher and student prior to submission. Naming protocol for electronic files ID_AT1_API.doc E.g.: S10054440_AT1_ API.doc All files that do not have this naming convention will be sent back to you as it resembles part of you assessment that the information is corrected handled and stored. How will the assessment judgement be made |_| Observation checklist |_| Exemplar |_|Performance checklist |X| Rubric |_| Answer guide |_| - Safety If at any time during the learning and assessment process, your Trainer/Assessor considers that the safety of any person is at risk they will abort the session. Reasonable Adjustment Students identifying as having a disability may access reasonable adjustment to enable them to participate in training and assessment on the same basis as other students. Students can learn more about this through the Learners with a disability policy and procedure on the Box Hill Institute website http://www.boxhill.edu.au/for-students/student-support or by calling Student Life on 9286 9891, by emailing the Disability liaison service on [email protected] or by calling into the Student Life office at Elgar Campus in E3.G56, just near the cafeteria. Special Consideration Where a student anticipates that a result will be impacted by special circumstances such as ill health or bereavement, application can be made for special consideration. Forms can be accessed from the Student Life office at Elgar Campus in E3.G56 or downloaded at: http://www.boxhill.edu.au/for-students/student-information/forms-and-downloads. VCE courses: Supplementary exam procedures apply. Please see your VCE Teacher or VCE Coordinator for further discussion. PART A: VU21991 Labs In order for you to successfully complete the SBA you will need to demonstrate to your instructor that you have completed the following Labs: NETLAB: 2.6.1.2 Configuring Admin Access 3.6.1.1 Configuring AAA 4.4.1.2 Configuring Zone based Policy firewalls 5.4.1.1 Configuring IPS 8.4.1.3 Configuring Site to Site IPSec 10.3.1.1 Configuring SSH Packet Tracer: 2.6.1.3 Packet Tracer - Configure Cisco Routers for Syslog, NTP, and SSH Operations 3.6.1.2 Packet Tracer - Configure AAA Authentication on Cisco Routers 4.4.1.1 Packet Tracer - Configuring a Zone-Based Policy Firewall (ZPF) 5.4.1.2 Packet Tracer - Configure IOS Intrusion Prevention System (IPS) Using CLI 8.4.1.2 Packet Tracer - Configure and Verify a Site-to-Site IPsec VPN Using CLI Note that these labs were part of the Case Study Today’s Instructions: 1. Download the VU21991-AT4-SBA.pka file from StudentWeb 2. Double click on it to open it in Packet Tracer 3. Login with your NetAcad username and password into Packet Tracer. 4. Once the Packet Tracer Topology loads, click on File , then Save As. 5. Save the file with you Student Number at the start of the file name: a. Eg: S123456789-VU21991-AT4-SBA.pka 6. Follow the instructions in this document to complete the task. a. Note: Packet Tracer also provides feedback as part of the activity checker. 7. Once you have reached as close to 100% as you can get, and completed the testing and verification commands in this document: a. Save the Packet Tracer file and upload it to StudentWeb Please ensure you save your work and that the filename has your student number in it. PART B VU21991 AT4 SBA - Packet Tracer Topology Addressing Table Device Interface IP Address Subnet Mask Default Gateway Perth Gig0/0 192.168.20.1 255.255.255.0 N/A Gig0/1 203.63.35.2 255.255.255.0 N/A Loopback 1 203.63.36.1 255.255.255.0 N/A Melbourne Gig0/0 192.168.30.1 255.255.255.0 N/A Gig0/1 203.78.57.2 255.255.255.0 N/A Loopback 1 203.78.58.1 255.255.255.0 N/A PC-0 NIC DHCP 255.255.255.0 192.168.20.1 PC-1 NIC DHCP 255.255.255.0 192.168.20.1 Syslog NIC 192.168.20.50 255.255.255.0 192.168.20.1 PC-3 NIC 192.168.30.100 255.255.255.0 192.168.30.1 Objectives · Configure basic router security · Configure AAA local authentication · Configure SSH · Secure against login attacks · Configure site-to-site IPsec VPNs · Configure firewall and IPS settings Scenario This culminating activity includes many of the skills that you have acquired during this course. The routers and switches are preconfigured with the basic device settings, such as IP addressing and routing. You will secure routers using the CLI to configure various IOS features, including AAA, SSH, and IPS. You will configure a site-to-site VPN between Perth and Melbourne. Requirements Note: Not all security features will be configured on all devices, however, they would be in a production network. Configure Basic Router Security(read carefully and case sensitive) · Configure the following on Perth and Melbourne: · Minimum password length is 10 characters. · Encrypt plaintext passwords. · Privileged EXEC mode secret password is ciscoenapa55. · Console line password is ciscoconpa55, timeout is 15 minutes, and console messages should not interrupt command entry. · A message-of-the-day (MOTD) banner should include the exact sentence below ^C Unauthorised Access is Prohibited ^C (there is a space in front and end of sentence) Configure AAA Local Authentication · Configure the following on Perth and Melbourne: · Create a local user account of Admin01, a secret password of Admin01pa55, and a privilege level of 15. · Enable AAA services with login default · Implement AAA services using the local database as the first option and then the enable password as the backup option. Configure SSH · Configure the following on Perth and Melbourne: · The domain name is VU21991.edu.au · The RSA key should be generated with 1024 modulus bits. · Only SSH version 2 is allowed. · Only SSH is allowed on VTY lines. · Verify that PC-0 can remotely access Perth using SSH. Secure Against Login Attacks (read carefully) · Configure the following on Perth and Melbourne: · If a user fails to log in twice within a 30-second time span, disable logins for one minute. · Log all failed login attempts. Configure Site-to-Site IPsec VPNs(read carefully and use exact name and case) Note: Some VPN configurations are not scored. However, you should be able to verify connectivity across the IPsec VPN tunnel. · Enable the Security Technology package license on Perth – Note these are C2900 Routers · Save the running configuration before reloading. · Configure the following on Perth: · Create an access list to identify interesting traffic on Perth. · Configure ACL 111 to allow traffic from the Perth Gig0/0 network to the Melbourne Gig0/0 LAN. · Configure the crypto isakmp policy 10 Phase 1 properties on Perth and the shared crypto key CiscoSecure789. Use the following parameters: · Key distribution method: ISAKMP · Encryption: aes 256 · Hash: sha · Authentication method: pre-shared · Key exchange: DH Group 5 · IKE SA lifetime: 3600 · ISAKMP key: CiscoSecure789 · Create the transform set VPN-SET to use esp-aes 256 and esp-sha-hmac. Then create the crypto map VPN-MAP that binds all of the Phase 2 parameters together. Use sequence number 10 and identify it as an ipsec-isakmp map. Use the following parameters: · Transform set: VPN-SET · Transform encryption: esp-aes 256 · Transform authentication: esp-sha-hmac · Perfect Forward Secrecy (PFS): group5 · Crypto map name: VPN-MAP · SA establishment: ipsec-isakmp · Bind the crypto map (VPN-MAP) to the outgoing interface. · Verify that the Security Technology package license is enabled. Repeat the site-to-site VPN configurations on Melbourne so that they mirror all configurations from Perth. · Ping the PC-0 interface from PC-2. On Melbourne, use the show crypto ipsec sa command to verify that the number of packets is more than 0, which indicates that the IPsec VPN tunnel is working. Enable logging. · Enable syslog on Perth. · Set the clock on Perth
Answered 8 days AfterMay 26, 2021VU21991

Answer To: Packet Tracer - Skills Assessment v3 BHI & CAE ASSESSMENT COVER SHEET This form must be attached to...

Ali Asgar answered on Jun 04 2021
136 Votes
S12546-VU21991-AT4-SBA.pka
final config/Melbourne_running-config.txt
!
version 15.1
service timestamps log datetime msec
no service timestamps debug
datetime msec
service password-encryption
security passwords min-length 10
!
hostname Melbourne
!
login block-for 60 attempts 2 within 30
login on-failure trap
!
!
enable secret 5 $1$mERr$166lGoPJRwPznaeDR/4cZ0
!
!
!
!
!
aaa new-model
!
aaa authentication login default local enable
!
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
username Admin01 privilege 15 secret 5 $1$mERr$Jj7To5G9RItlZ3jcQt1WO1
!
!
license udi pid CISCO2911/K9 sn FTX152403MZ-
license boot module c2900 technology-package securityk9
!
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
!
crypto isakmp key CiscoSecure789 address 203.63.35.2
!
!
!
crypto ipsec transform-set VPN-SET esp-aes 256 esp-sha-hmac
!
crypto map VPN-MAP 10 ipsec-isakmp
set peer 203.63.35.2
set pfs group5
set transform-set VPN-SET
match address 111
!
!
!
!
ip ssh version 2
no ip domain-lookup
ip domain-name VU21991.edu.au
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface Loopback1
ip address 203.78.58.1 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.30.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 203.78.57.2 255.255.255.0
duplex auto
speed auto
crypto map VPN-MAP
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here