CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

CCSP SelfStudy CCSP CSI: Exam Certification Guide, Second Edition [Electronic resources] - نسخه متنی

Tebyan

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید





  • Scenario 21-1


    This scenario, depicted in Figure 21-1, involves a typical small network design model in a standalone configuration.

    Figure 21-1. Small Network Design

    Assume that basic security has already been applied to the router and that you are connected to the console port and able to access exec mode. Given this network scenario, perform the following tasks:

    1:

    Configure the router so that it reports to the syslog server.

    2:

    Apply the Cisco IOS Firewall to the inside and outside interfaces using the name "FIREWALL" and only allow inspection for TCP, UDP, FTP, and SMTP services. Enable the logging of session information.

    3:

    Allow only legitimate traffic from the inside network and, at the same time, prevent IP address spoofing.

    4:

    Deny all outbound traffic from the inside network. (Remember that the inspection list allows openings in the ACL.)

    5:

    Allow only legitimate traffic from the DMZ segment and, at the same time, prevent IP address spoofing.

    6:

    Prevent all traffic on to the DMZ apart from those services that are available from the public server.

    7:

    Apply RFC 1918 filtering to the outside interface.


      / 290