Você está na página 1de 27

M11CDE Skills-based Assessment

2011-12

School of Engineering & Computing Department of Computing

Internet Information Security (M11CDE) Layered Security

Student Name: Saud Aljaloud I certify that this is my own work yes/no and that I have read and understand the University Assessment regulations.

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment

2011-12

Submission Details The details below indicate what you should submit, when you should submit it and where is should be submitted to. Submission Date and Method Deadline 18st January 2012 both online and paper submission. Submission Format: 1. Fill the online quiz for the practical test which will be available one week before the final fixed deadline. 2. Download an electronic copy of this document and where there are blanks or spaces to complete addressing information etc., please include them in the document. You submission should include the answers in the document, but do not change the document in any other way! If the document has been modified other than to include the required information your submission will be null and void. 3. Your files should be name as SID_FIRSTNAME_SURNAME_FILENAME.xxx. E.g. 100292_FIRSTNAME_SURNAME_ANSWERS.doc. 4. Save the configurations from all your network devices and embed them into the end of this document. 5. If you have attempted to configure VLANs, please also include a switch configuration from any one of your LAN switches. Please note that this must be a switch that you have actually configured VLANs on. 6. If you have implemented the network in Packet Tracer, you may consider submitting a copy of that as well but this is not compulsory. Zero Tolerance for late submission: If your work is late it will have to be marked zero according to new university policy. Please ensure you upload your work well before the deadline. You will be able to delete and update your work before the deadline. Plagiarism Note: As with all assessed work, both the research and written submission should be your own work. When submitting this work you are explicitly indicating that you have read the rules on plagiarism as defined in the University regulations and that all work is in fact your own, except where explicitly referenced using the accepted referencing style. Feedback and marking: The practical work will be marked by using the questions set in the online quiz and number of questions for each section will depend on the weightings set in the below sections. Feedbacks and marks will be provided once the online practical quiz is submitted.

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment

2011-12

Network topology

[Whilst the topology shows only two hosts on each LAN, you should configure four hosts on each LAN.]

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment Network Information

2011-12

The WAN IP network address between Dundee and Glasgow is 209.154.17.0 with a subnet mask of 255.255.255.0. The WAN IP network address between Edinburgh and Glasgow is 209.154.16.0 with a subnet mask of 255.255.255.0. This is clearly shown on the network topology.

Dundee information The LAN for Dundee has been assigned an IP network address of 192.168.6.0 Each subnet of the above network needs to accommodate 14 host addresses. The subnet mask will be 255.255.255.240. This is worked out by borrowing 4 bits from the final octet and is shown in the table below.

Table 1 Custom Subnet Mask for Dundee 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 240 128 64 32 16 8 4 2 1 1 1 1 1 0000

Use the 6th usable subnet for the LAN. Do not use subnet zero as the first usable subnet. The table below shows how the 6th usable network can be identified.
Network 0 1 2 3 4 5 6 7 Network ID 192.168.6.0 192.168.6.16 192.168.6.32 192.168.6.48 192.168.6.64 192.168.6.80 192.168.6.96 192.168.6.112 First Host 192.168.6.1 192.168.6.17 192.168.6.33 192.168.6.49 192.168.6.65 192.168.6.81 192.168.6.97 192.168.6.113 Last Host 192.168.6.14 192.168.6.30 192.168.6.46 192.168.6.62 192.168.6.78 192.168.6.94 192.168.6.110 192.168.6.126 Broadcast 192.168.6.15 192.168.6.31 192.168.6.47 192.168.6.63 192.168.6.79 192.168.6.95 192.168.6.111 192.168.6.127 Mask /28 /28 /28 /28 /28 /28 /28 /28

You should be able to identify the pattern (or magic number from the subnet mask). If it is not immediately apparent subtract the last non-zero octet from 256.

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment Edinburgh information The LAN for Edinburgh has been assigned an IP network address of 192.168.5.0

2011-12

Again, each subnet of the above network needs to accommodate 14 host addresses. The subnet mask will be 255.255.255.240. This is worked out by borrowing 4 bits from the final octet and is shown in the table below.

Table 1 Custom Subnet Mask for Edinburgh 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 255 128 64 32 16 8 4 2 1 1 1 1 1 1111 240 128 64 32 16 8 4 2 1 1 1 1 1 0000

Use the 4th usable subnet for the LAN. Do not use subnet zero as the first usable subnet. You must follow the example for Dundee to complete the table for step 1 planning.

You should be able to identify the pattern (or magic number from the subnet mask). If it is not immediately apparent subtract the last non-zero octet from 256.

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment The elements of the coursework are: 1. Planning and assigning addresses [30 marks] 2. Basic configuration [40 marks] 3. Security ACLs [10 marks] 4. Security VLANs [20 marks]

2011-12

The basic theme is that Glasgow (GLA) is regional headquarters of the company. Edinburgh and Dundee are branch offices. Each network associate (student) will be responsible for an entire network. This means that using either the lab equipment in ASG21/22 or Packet Tracer, you will configure 3 routers, 2 switches and 8 PCs.

A network address and specific number of hosts per subnet has been assigned for the local LAN on each network (Edinburgh and Dundee). From the information provided, the subnet address, the subnet mask, the first and last usable addresses and the broadcast address for each site LAN need to be determined. (When using the router or Packet Tracer - it is expected that you keep a copy of your router configuration at each stage, just in case you run into problems).

CU 01/11/2011

M11CDE

M11CDE Skills-based Assessment Step 1 Planning

2010-11

Using the chart below, plan the first ten usable subnets of the LAN address assigned to Edinburgh. You have been given the first 6 addresses for Dundee, you are now expected to plan for the first 10 addresses for Edinburgh.
Subnet 0 1 2 3 Subnet Address 192.168.5.0 192.168.5.16 192.168.5.32 192.168.5.48 Subnet Mask (/x) /28 /28 /28 /28 First Host 192.168.5.1 192.168.5.17 192.168.5.33 192.168.5.49 Last Host 192.168.5.14 192.168.5.30 192.168.5.46 192.168.5.62 Broadcast 192.168.5.15 192.168.5.31 192.168.5.47 192.168.5.63

4
5 6 7 8 9 0

192.168.5.64
192.168.5.80 192.168.5.96 192.168.5.112 192.168.5.128 192.168.5.144 192.168.5.0

/28
/28 /28 /28 /28 /28 /28

192.168.5.65
192.168.5.81 192.168.5.97 192.168.5.113 192.168.5.129 192.168.5.145 192.168.5.1

192.168.5.78
192.168.5.94 192.168.5.110 192.168.5.126 192.168.5.142 192.168.5.158 192.168.5.14

192.168.5.79
192.168.5.95 192.168.5.111 192.168.5.127 192.168.5.143 192.168.5.159 192.168.5.15

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

2010-11

For the WAN links for DUN and EDN the lowest usable address on the networks must be used.

Identify and use the lowest usable WAN address for your S0 interface assigned to you for the two networks shown:

1 Dundee: 2 Edinburgh:

S0 209.154.17.1 S0 209.154.16.1

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

For security reasons, all of the production workstations will be assigned the lower-half of the IP addresses of the assigned subnet. All of the network devices and management stations will be assigned the upper-half of the IP address numbers of the subnet assigned for the LAN. From this upper half range of addresses, the Ethernet router interface (the default gateway on each LAN) is to be assigned the highest usable address. Identify the required IP address of the Ethernet interface on your two routers.

Address of your Ethernet interface on Dundee : 192.168.6.110 Address of your Ethernet interface on Edinburgh : 192.168.5.78

The host (PC) configurations must also be planned. Using the table, complete the host information. Branch: DUN Production Host Range (Lower half) Management Host Range (Upper half) IP Address Range 192.168.6.97 - 192.168.6.103

192.168.6.104

- 192.168.6.110

[5 marks for ranges of addresses] Supply addresses for a production and management host. Production Host (1) IP Address Subnet Mask Default Gateway Management Host (1) IP Address Subnet Mask Default Gateway Branch: EDN Production Host Range (Lower half) Management Host Range (Upper half) 192.168.6.104 255.255.255.240. 192.168.6.110 IP Address Range 192.168.5.65 - 192.168.5.71 192.168.6.97 255.255.255.240. 192.168.6.110

192.168.5.72 - 192.168.5.78

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Supply addresses for a production and management host. Production Host (1) IP Address Subnet Mask Default Gateway Management Host (1) IP Address Subnet Mask Default Gateway 192.168.5.72 255.255.255.240. 192.168.5.78 192.168.5.65 255.255.255.240. 192.168.5.78

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Step 2 Basic Configuration Apply a basic configuration to the router. This configuration should include all the normal configuration items. You must supply one router configuration file. This will be either Dundee or Edinburgh. The router configuration files will be marked as follows:

Basic Configuration

Router name Console and VTY configuration and passwords (use cisco, class and berril for console, secret and VTY passwords respectively)

Interface configurations DTE/DCE identified appropriately and clockrates set only on DCE Routing correct and working (RIP is fine) Host tables Banner display before login warn of unauthorised access

Basic Configuration (40 marks)

Security (ACLS - Marked as part of step 3)

1. ACLs correct and applied to correct interface in correct direction [10] 2. ACLs correct but not applied to correct interface or direction [7 - 9] 3. ACLs attempted but some errors or wrong placement [4 - 6] 4. ACLs attempted but incorrect and not applied properly [1- 3] 5. ACLs not attempted [0]

ACL Total (Total 10 marks)

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Step 3 Security

There are several security concerns in the Internetwork. Develop Access Control Lists (ACLs) to address security issues. The following problems must be addressed:

1. The production hosts in both the Edinburgh and Dundee networks are permitted HTTP access to the 172.16.0.0 network, management hosts are permitted no access to this network.

2. The company has discovered an Internet Web server at 198.145.7.1 that is known to contain viruses. All hosts are banned from reaching this site.

The ACLs are worth 10 marks.

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Step 4 VLANs This step is the final 20% of the coursework mark. To achieve this step you should consider how you might use a VLAN to separate the production and management LANs. The goal is that neither network should be able to see the other network traffic. There is no additional guidance on this part of the skills test as you are expected to identify:

1. An appropriate VLAN number to use for each VLAN. 2. An appropriate VLAN configuration. 3. Implement the VLAN and provide the switch configuration file(s) to show that the VLAN has been implemented.

VLAN Marks The VLAN component will be marked as follows: VLAN configured and correct configuration supplied [20] VLAN identified but configuration incomplete or incorrect [10 15] VLAN attempted [5 10 depending on level of attempt] VLAN not attempted [0]

VLAN (Total 20 marks)

Appendix Network device configurations

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Configuration of Edinburgh Router: Press RETURN to get started.

Warn of unauthorised access User Access Verification Password: EDN>en Password: EDN#sh run Building configuration... Current configuration : 1179 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname EDN ! ! ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! ! ! ! ! ! ! ! ! ! ip host 209.154.17.2 192.168.6.104 ip host DUN 209.154.17.2 192.168.6.104 ip host GLA 209.154.16.1 209.154.17.1 ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.5.78 255.255.255.240 ip access-group 101 in duplex auto speed auto ! interface FastEthernet1/0 no ip address duplex auto speed auto shutdown !

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

interface Serial2/0 ip address 209.154.16.2 255.255.255.0 ! interface Serial3/0 no ip address shutdown ! interface FastEthernet4/0 no ip address shutdown ! interface FastEthernet5/0 no ip address shutdown ! router rip network 172.16.0.0 network 192.168.5.0 network 192.168.6.0 network 209.154.16.0 network 209.154.17.0 ! ip classless ! ! access-list 101 deny tcp 192.168.5.72 0.0.0.7 172.16.0.0 0.0.255.255 eq www access-list 101 permit tcp 192.168.5.64 0.0.0.7 172.16.0.0 0.0.255.255 eq www ! banner motd ^C Warn of unauthorised access ^C ! ! ! ! line con 0 password cisco login line vty 0 4 password berril login ! ! ! end

EDN#

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Configuration of Dundee Router:

Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706

Cisco Internetwork Operating System Software IOS (tm) PT1000 Software (PT1000-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang PT 1001 (PTSC2005) processor (revision 0x200) with 60416K/5120K bytes of memory . Processor board ID PT0123 (0123) PT2005 processor: part number 0, mask 01 Bridging software. X.25 software, Version 3.0.0. 4 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial(sync/async) network interface(s) 32K bytes of non-volatile configuration memory. 63488K bytes of ATA CompactFlash (Read/Write) Press RETURN to get started!

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to up %LINK-5-CHANGED: Interface Serial3/0, changed state to up %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to administratively down %SYS-5-CONFIG_I: Configured from console by console %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up Warn of unauthorised access User Access Verification Password: DUN>en Password:

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

DUN#sh run Building configuration... Current configuration : 1218 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname DUN ! ! ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! ! ! ! ! ! ! ! ! ! ip host EDN 209.154.16.2 192.168.5.72 ip host GLA 209.154.16.1 209.154.17.1 ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.6.110 255.255.255.240 ip access-group 102 in duplex auto speed auto ! interface FastEthernet1/0 no ip address duplex auto speed auto shutdown ! interface Serial2/0 no ip address ipv6 ospf cost 781 shutdown ! interface Serial3/0 ip address 209.154.17.2 255.255.255.0 ipv6 ospf cost 781 ! interface FastEthernet4/0 no ip address shutdown ! interface FastEthernet5/0

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

no ip address shutdown ! router rip network 172.16.0.0 network 192.168.5.0 network 192.168.6.0 network 209.154.16.0 network 209.154.17.0 ! ip classless ! ! access-list 102 permit ip any any access-list 102 permit tcp 192.168.6.96 0.0.0.7 172.16.0.0 0.0.255.255 eq www access-list 102 deny tcp 192.168.6.104 0.0.0.7 172.16.0.0 0.0.255.255 eq www ! banner motd ^C Warn of unauthorised access ^C ! ! ! ! line con 0 password cisco login line vty 0 4 password berril login ! ! ! end

DUN# DUN#

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

Configuration of Glasgow Router: User Access Verification Password: Password: GLA>en Password: GLA#sh run Building configuration... Current configuration : 910 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname GLA ! ! ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! ! ! ! ! ! ! ! ! ! ip host DUN 192.168.6.104 209.154.17.2 ip host EDN 192.168.5.72 209.154.16.2 ! ! ! ! ! ! interface FastEthernet0/0 ip address 172.16.1.1 255.255.0.0 ip access-group 10 out duplex auto speed auto ! interface Serial2/0 ip address 209.154.16.1 255.255.255.0 clock rate 9600 ! interface Serial3/0 ip address 209.154.17.1 255.255.255.0 clock rate 9600 ! router rip network 172.16.0.0 network 192.168.5.0

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

network 192.168.6.0 network 209.154.16.0 network 209.154.17.0 ! ip classless ! ! access-list 10 permit any access-list 10 deny host 198.145.7.1 ! banner motd ^C Warn of unauthorised access ^C ! ! ! ! line con 0 password cisco login line vty 0 4 password berril login ! ! ! end

GLA# GLA#

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

SwitchDun(config)#interface FastEthernet0/1 SwitchDun(config-if)# SwitchDun(config-if)# SwitchDun(config-if)#switchport trunk allowed vlan add 1 SwitchDun(config-if)# SwitchDun(config-if)#end SwitchDun# %SYS-5-CONFIG_I: Configured from console by console copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] SwitchDun# SwitchDun#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] SwitchDun# SwitchDun#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchDun(config)# SwitchDun(config)#interface FastEthernet0/1 SwitchDun(config-if)# SwitchDun(config-if)# SwitchDun(config-if)#switchport trunk allowed vlan add 1002 SwitchDun(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up duplex auto SwitchDun(config-if)# SwitchDun(config-if)#exit SwitchDun(config)# SwitchDun(config)#end SwitchDun# %SYS-5-CONFIG_I: Configured from console by console copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] SwitchDun#

SwitchDun con0 is now available

Press RETURN to get started.

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

SwitchDun> SwitchDun>sh run ^ % Invalid input detected at '^' marker. SwitchDun>en SwitchDun#sh run Building configuration... Current configuration : 599 bytes ! version 12.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname SwitchDun ! ! ! interface FastEthernet0/1 switchport access vlan 20 switchport trunk allowed vlan 1-1002 switchport mode trunk ! interface FastEthernet1/1 switchport access vlan 10 ! interface FastEthernet2/1 switchport access vlan 10 ! interface FastEthernet3/1 switchport access vlan 20 ! interface FastEthernet4/1 switchport access vlan 20 ! interface Vlan1 no ip address shutdown ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

SwitchDun# SwitchDun#

------------------Destination filename [startup-config]? Building configuration... [OK] SwitchEDN# SwitchEDN#sh run Building configuration... Current configuration : 521 bytes ! version 12.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname SwitchEDN ! ! ! interface FastEthernet0/1 shutdown ! interface FastEthernet1/1 switchport access vlan 10 ! interface FastEthernet2/1 switchport access vlan 10 ! interface FastEthernet3/1 switchport access vlan 20 ! interface FastEthernet4/1 switchport access vlan 20 ! interface Vlan1 no ip address shutdown ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end

SwitchEDN# SwitchEDN# SwitchEDN#

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

SwitchEDN#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)#no shutdown %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up SwitchEDN(config-if)# SwitchEDN(config-if)#exit SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)# SwitchEDN(config-if)#exit SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)# SwitchEDN(config-if)#exit SwitchEDN(config)# SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up SwitchEDN(config-if)#switchport mode trunk SwitchEDN(config-if)# SwitchEDN(config-if)#exit SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)# SwitchEDN(config-if)#exit SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)# SwitchEDN(config-if)#switchport mode trunk SwitchEDN(config-if)#

SwitchEDN con0 is now available

Press RETURN to get started.

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

SwitchEDN>enable SwitchEDN#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchEDN(config)#interface FastEthernet0/1 SwitchEDN(config-if)#

SwitchEDN con0 is now available

Press RETURN to get started.

SwitchEDN> SwitchEDN>en SwitchEDN#sh run Building configuration... Current configuration : 534 bytes ! version 12.1 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname SwitchEDN ! ! ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet1/1 switchport access vlan 10 ! interface FastEthernet2/1 switchport access vlan 10 ! interface FastEthernet3/1 switchport access vlan 20 ! interface FastEthernet4/1 switchport access vlan 20 ! interface Vlan1

CU 17/11/2009

M11CDE

M11CDE Skills-based Assessment

Version 1

no ip address shutdown ! ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end

SwitchEDN#

CU 17/11/2009

M11CDE