RSS

Chapter 9

Lab 9.2.7




Step 1 : Build the network and configure the hosts


Step 2 : Record the baseline IP address information for computers and intergrated router


a. IP address : 192.168.1.2
   Subnet mask : 255.255.255.0
   Default gateway : 192.168.1.1
   DNS : 
   DHCP :
   
b. Internal IP address : 192.168.1.3
    Subnet mask : 255.255.255.0
    Enabled.
    External (internet) IP address : 10.1.1.5
    Subnet mask : 255.0.0.0
    Default gateway IP address : 10.1.1.1
    DNS server :


c.IP address : 192.168.2.2
   Subnet mask : 255.255.255.0
   Default gateway :  192.168.2.1
   Web server 1 protocol and name : 
   Web server 2 protocol and name :
    FTP server 1 protocol and name :
    FTP server 2 protocol and name :

Step 3, 4, 5, 6, 7, 8

Masalah yang biasanya terjadi yaitu masalah routing.
Perintah - perintah yang bisa digunakan untuk menyelesaikan masalah ini :
- show ip route, untuk mengeluarkan isi dari tabel routing. Contoh nya : 
     ~ show ip route connected,
     ~ ip default network.
     ~ show ip route database
     ~ show ip route protocols
     ~ show ip route address
- Lakukan perintah ping dan telnet.
- Gunakan teknik top-down, bottom-up, dan divide and conquer.

Step 9 : Refelection

a. Divide and conquer.

b. Divide and conquer

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Chapter 8

Lab 8.4.2



Part 1 : Configuring access policies

Step 1 : Build The Network and Configure The Hosts

c. Host-A : IP address : 192.168.2.1
                  Subnet Mask : 255.255.255.0
                  Default Gateway : 192.168.2.2
   Host-B(DMZ Server) : IP address : 192.168.189.202
                                       Subnet Mask : 255.255.255.0
                                       Default Gateway : 192.168.189.1
   External Server : IP address : 192.168.10.1
                            Subnet Mask : 255.255.255.0
                            Default Gateway : 192.168.10.2

Step 2 : Log in to the user interface

c. Tipe koneksi internet nya : wireless internet connection.

d. Default router (internal) : IP address : 192.168.1.1
                                         Subnet mask : 255.255.255.0

f. Default router (external) : IP address : 192.168.2.1
                                          Subnet mask : 255.255.255.0

Step 3 :  View Multi Function device Firewall settings

b. Status SPI firewall protection : enabled.

c. Internet filter yang digunakan : filter anonymous internet request, filter IDENT (port 113). 

d. Keuntungan memfilter IDENT Provide :  mencegah penyusup dari luar menyerang router melalui internet.
    

Step 4 : Set up Internet Access Restrictions based on IP Address 

d. Ya.

e. Tidak.

f. Menggunakan proxy.

Step 5 : Set up an Internet Access Policy based on Application

c. 

f. Ya.

g. Tidak.


Part 2 : Configuring a DMZ on the multi-function device


Step 1 : Set up simple DMZ


c. Karena DMZ berguna untuk menambahkan lapisan keamanan untuk LAN.


e. Ya.


f. Ya.


g. Tidak.


Step 2 : Set up a host with single port forwarding


d. Ya.


e. Tidak.

Lab 8.4.3


Step 1 : Download and install MBSA


b. MBSA versi 2.2


c. Fitur MBSA : 
         -Command-line and Graphical User Interface (GUI) options
         - Scan local computer, remote computer, or groups of computer
         -Scan against Microsoft's maintained list of updates (on Microsoft.com) or local server running Software Update Services 1.0
         - Scan for common security configuration vulnerabilitie
         - Scan for missing security updates
         - View reports in MBSA Graphical User Interface or Command Line Interface
         - Compatibility with SMS 2.0 and 2003 Software Update Services Feature Pack
         - Support for single processor and multiprocessor configurations
         - Localized to English, French, German, and Japanese although MBSA 1.2.1 can scan a machine of any local


f. Antara 1.5 MB - 1.7 MB


Step 2 : Build the network and configure the hosts


c. IP address : 192.168.1.1
    Subnet mask : 255.255.255.0


Step 3 : Run MBSA on a Host


a. Options yang muncul :
    - Welcome
    - Pick a computer to scan
    - Pick multiple computer to scan
    - Pick a security report to view
    - Help
    - About
    - Microsoft Security Web Site


Step 4 : Select a computer to scan


b. 2 cara spesifik untuk men-scan komputer : 
    - Scan using assign Update Services servers only
    - Scan using Microsoft Update only


Step 5 : View Security Update scan Results


a. 


b.


Step 6 : View Windows Scan Results in the Security Report


a. Local Account Password Test, Automatic Update, Guest Account, File system.


b. 


Step 7 : View Desktop Application Scan Results in the security report


a. Macro security


b. 4


c. Tidak.


Step 8 : Scan a server, if avaible


Step 10 : Refelction


a.  Tools :
        - Client versions of Windows, including Windows 
        - Windows Server, including Windows Server 2008
        - SQL Server
        - Internet Information Server (IIS)
        - Internet Explorer 
        - Microsoft Office

b. SQL server

c. Step 8.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Kuis Chapter 9

1. a small office uses a wireless ISR to connect to a cable modem for internet access. The network administrator receives a call tahat one office computer cannot access external website. The first troubleshooting step that the network administrator performs is to ping the ISR. While troubleshooting technique does this represent?

D. divide-and-conquer.

2. Select three items that should be documented after troubleshooting an internal web server crash (choose three)
      a. when the problem occurred
      e. steps that were performed to identify the cause of the problem
      f. steps that were performed that failed to identify the cause of the problem

3. A user calls the help desk  to report a workstation problem. While three questions would the most helpful information for troubleshooting? (choose three)
a.       A.if you received an error message, what was it?
b.      B.Have there been any changes to your workstation recently?
c.       D.what version of operationg system is running on your workstation?

4. A user wants to lest connectivity between host 3 and 8 on a network. Which command can be used to verify a connection?
      b. ping

5. Ipconfig = displays IP settings on host
Netstat = display network connections
Ping = tests connections to other IP host
Tracert = displays route taken to destination
Nslookup = asks name server for into on destination domain

6. Which three pieces of information are revealed by yhe config command? (choose three)
b. Ip address
e. subnet mask
f. default gateway

7. How does an activity LED indicate that traffic is moving through a port?
a. by flashing

8. What is one of the most common reasons why hosts could be unable to connect?
b. cabling problems

9. Which three factors can affect the ability of host to connect to an AP using radio frequency signals? (choose three)
      b. The 802.11A is not compatible with the 802.11 B/G standars
      c. The avalaible bandwith between devices is shared with APs
      e. Mulitple devices running on the same frequency causes interference

10. what step should be taken once a problem is resolved?
      c. update the documentation

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Kuis Chapter 8

1. Drag the network threat on the left to the definition on the right.
a. Data loss à destroying data on a hard drive
b. Data manipulation à changing data for personal gain
c. Disruption of service à overloading a server to reduce its performance
d. Information theft à stealing data on a hard drive to gain a competitive advantage
e.  Identity à stealing information to impersonate someone and usually to obtain credit.

2. How does a phisher typically contact a victim?
by  E-mail

3. A file is downloaded from the internet. After the user opens the downloaded file, the user’s hard drive crashes and all information on the computer is lost. What type of attack occurred?
Virus

4. In rapid succession, an intruder tries a large number of possibilities to guess passwords. As a result, other users on the network are locked out. What type of attack occurred?
Brute force

5. What type of program installs and gathers personal information, including password and account information, from a computer without permission or knowledge of the user?
Spyware

6. A network administration is troubleshooting a computer that is operating strangely. It boots slowly, programs will not load, and the keyboard responds very slowly. What is the best action for the administrator to take?
Boot the PC and Run anti-virus and anti-spyware applications from an external drive.

7. Drag the term on left to the best description on the right.
a. Stateful packet inspection à can look inside the packet up through layer 7
b.  Website filtering à allows or denies access based on a URL
c.  Simple packet filtering à allows or denies access based on an IP or MAC address
d. NAT à keeps external users from knowing the IP Address used inside the network

8. Drag the term on left to the definition on the right.
a. Integrated à a feature of a network device such as a router.
b. Personal firewall à an application designed to protect a home PC
c. Appliance-based firewall à a device that has the sole function of being a firewall
d. Server-based firewall à an application designed to protect the enterprise network

9. 9. What are three security features commonly found on an ISR? (Choose Three)
-          DMZ
-          NAT
-          SPI

10. What are two purposes of a DMZ? (Choose two)
-   To create a network area that allows internal resources, such as a web server, to be accessed by external users.
-   To establish a network area where network resources can be shared by both internal and external users.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

CCNA Discovery 1 Module 9 Exam Answers Version 4.0

1. What should a network administrator do first after receiving a call from a user who cannot access the company web server?
• Ask the user what URL has been typed and what error message displays.

2. A customer called the cable company to report that the Internet connection is unstable. After trying several configuration changes, the technician decided to send the customer a new cable modem to try. What troubleshooting technique does this represent?
• substitution

3. Only one workstation on a particular network cannot reach the Internet. What is the first troubleshooting step if the divide-and-conquer method is being used?
• Check the workstation TCP/IP configuration.

4. Which two troubleshooting techniques are suitable for both home networks and large corporate networks? (Choose two.)
• documenting the troubleshooting process
• keeping a record of system upgrades and software versions

5. Identify two physical-layer network problems. (Choose two.)
• hardware failure
• loose cable connections

6. Which ipconfig command requests IP configuration from a DHCP server?
• ipconfig /renew

7. What command is used to determine the location of delay for a packet traversing the Internet?
• tracert

8. What command is used to determine if a DNS server is providing name resolution?
• nslookup

9. Which troubleshooting method begins by examining cable connections and wiring issues?
• bottom-up

10. A technician suspects that a Linksys integrated router is the source of a network problem. While troubleshooting, the technician notices a blinking green activity LED on some of the ports. What does this indicate?
• The ports are operational and are receiving traffic.

11. A PC is plugged into a switch and is unable to connect to the network. The UTP cable is suspected. What could be the problem?
• A crossover cable is being used.

12. Refer to the graphic. What configuration is incorrect in the network shown?

13. Which three settings must match on the client and access point for a wireless connection to occur? (Choose three.)
• SSID
• authentication
• encryption key

14. A technician is troubleshooting a security breach on a new wireless access point. Which three configuration settings make it easy for hackers to gain access? (Choose three.)
• configuring NAT
• broadcasting the SSID
• using open authentication
• using the default internal IP address

15. Refer to the graphic. The wireless host cannot access the Internet, but the wired host can. What is the problem?

16. Refer to the graphic. What configuration is incorrect in the network shown?

17. When acting as a DHCP server, what three types of information can an ISR provide to a client? (Choose three.)
• default gateway
• dynamic IP address
• DNS server address

18. What two items could be checked to verify connectivity between the router and the ISP? (Choose two.)
• router status page
• connectivity status as indicated by LEDs

19. A technician is unsuccessful in establishing a console session between a PC and a Linksys integrated router. Both devices have power, and a cable is connected between them. Which two troubleshooting steps could help to diagnose this problem? (Choose two.)
• Ensure the correct cable is used.
• Ensure the link status LED on the integrated router is lit.

20. Network baselines should be performed in which two situations? (Choose two.)
• after the network is installed and running optimally
• after major changes are implemented on the network

21. Typically, help desk personnel assist end users in which two tasks? (Choose two.)
• identifying when the problem occurred
• implementing the solution to the problem

22. How does remote-access software help in the troubleshooting process?
• Diagnostics can be run without a technician being present at the site.

23. Which two items should be added to the documentation following a troubleshooting event? (Choose two.)
• final resolution
• results of successful and unsuccessful troubleshooting steps

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

CCNA Discovery 1 Module 8 Exam Answers Version 4.0

1. Identify three techniques used in social engineering. (Choose three.)
• vishing
• phishing
• pretexting

2. During a pretexting event, how is a target typically contacted?
• by phone

3. While surfing the Internet, a user notices a box claiming a prize has been won. The user opens the box unaware that a program is being installed. An intruder now accesses the computer and retrieves personal information. What type of attack occurred?
• Trojan horse

4. What is a major characteristic of a Worm?
• exploits vulnerabilities with the intent of propagating itself across a network

5. A flood of packets with invalid source-IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack occurred?
• SYN flooding

6. What type of advertising is typically annoying and associated with a specific website that is being visited?
• popups

7. What is a widely distributed approach to marketing on the Internet that advertises to as many individual users as possible via IM or e-mail?
• spam

8. What part of the security policy states what applications and usages are permitted or denied?
• acceptable use

9. Which statement is true regarding anti-virus software?
• Only after a virus is known can an anti-virus update be created for it.

10. Which two statements are true concerning anti-spam software? (Choose two.)
• When anti-spam software is loaded, legitimate e-mail may be classified as spam by mistake.
• Even with anti-spam software installed, users should be careful when opening e-mail attachments.

11. What term is used to describe a dedicated hardware device that provides firewall services?
• appliance-based

12. Which acronym refers to an area of the network that is accessible by both internal, or trusted, as well as external, or untrusted, host devices?
• DMZ

13. Which statement is true about port forwarding within a Linksys integrated router?
• Only external traffic that is destined for specific internal ports is permitted. All other traffic is denied.

14. To which part of the network does the wireless access point part of a Linksys integrated router connect?
• internal

15. Refer to the graphic. What is the purpose of the Internet Filter option of Filter IDENT (Port 113. on the Linksys integrated router?

16. What statement is true about security configuration on a Linksys integrated router?
• Internet access can be denied for specific days and times.

17. What environment would be best suited for a two-firewall network design?
• a large corporate environment

18. What is one function that is provided by a vulnerability analysis tool?
• It identifies missing security updates on a computer.

19. Many best practices exist for wired and wireless network security. The list below has one item that is not a best practice. Identify the recommendation that is not a best practice for wired and wireless security.
• Disable the wireless network when a vulnerability analysis is being performed.

20. What best practice relates to wireless access point security?
• a change of the default IP address

21. Refer to the graphic. In the Linksys Security menu, what does the SPI Firewall Protection option Enabled provide?

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Jawaban Chapter 7 : Wireless Technologies

Lab 7.2.5


Step 1 : Verify Connectivity Between the Computer and the Multi-function Device.


d. Perintah yang digunakan untuk melakukan ping ke perangkat multi-fungsi :
    ping 10.1.1.5


Step 2 : Log in To The Multi-function Device and Configure The Wireless Network


e. SSID yang digunakan : informatika 2.


f. 2 options pada Radio Band : standar dan auto.


Step 3 : Reflection


a. Berapa banyak jaringan wireless yang bisa dikonfigurasi dalam satu kelas ?Berapa batasnya? 
Tidak terbatas, karena jaringan wireless bisa diakses oleh siapa saja, dan bisa dikonfigurasi sesuai dengan keinginan.




Lab 7.2.6


Step 1 : Install the Wireless NIC Wireless


b. Wireless NIC diproduksi oleh : intel.


c. Langkah install wireless NIC Driver : 
   - Klik Start, Control Panel, Performance & Maintenance, System, Hardware, Device Manager, Network Adapter, Properties.
   - Turn off komputer, cabut semua kabel dari komputer.
   - Masukkan wireless NIC card dengan hati - hati.
   - Kemudian booting kembali komputernya.
   - Found new hardware akan running secara otomatis, lalu masuk ke Control Panel dan pilih Add Hardware.




Step 3 : Attach To The Wireless Network


b. SSID yang mana yang digunakan : linksys.


d. Sinyal yang paling kuat untuk Wireless NIC : mixed.


e. Ya, karena banyak jaringan wireless yang tersedia.


g. Nama host wireless yang lainnya : elka.


h. Lebih baik menggunakan wireless NIC.


Step 4 : Determine the NIC Driver Version


b. Linksys




Step 5 : Determine If the NIC driver is the most current


a. Ya.


b. Intel.




Step 6 : Verify Connectivity


e. IP address : 192.168.1.1




Step 7 : Reflection


a. Setting nya sama.


b. Ya.




Lab 7.3.5


Step 1 : Plan the security for your home network


a. 6 security best practice :
    1. Turn on WPA
    2. Change default administrator (username dan password)
    3. Change the default SSID
    4. Enable MAC address filtering
    5. Disable SSID Broadcast
    6. Enable firewalls on each computer and router


b. 6 resiko keamanan untuk setiap sistem :
    1. Interception

    2. Injection
    3. Jamming
    4. Locating Mobile Nodes
    5. Access Control
    6. Hijacking


Step 5 : Configure The Wireless Security Settings

b. SSID : monica.


Step 8  : Reflection

a. Otomatic Configuration DHCP, karena konfigurasi nya bisa di setting sesuai kebutuhan.

b. Item yang dapat memperkuat security nya :WPA, MAC address.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Lab Acitivity 6.2.1 : Observing DNS Name Resolution


6.2.1: Observing DNS Name Resolution



Step 1 : Observe DNS Conversion

d. Alamat IP yang ada pada layar :  60.254.176.170
e. Apakah alamatnya sama dengan yang ada pada gambar? Tidak sama, karena tergantung pada masing - masing server.



Step 2 : Verify DNS Operation using the nslookup command

b. DNS server yang biasa digunakan : ns3.unp.ac.id

e. Domain = name.

g. IP addres nya : 60.254.176.170

h. Iya, IP nya sama.

i. IP google : 64.233.181.99



Step 3 : Identify Mail Server using the nslookup command

c. Nama server : n0cd.akamaiedge.net
    Responsible mail address :  hostmaster.akamai.com
   Time to Live : 1800 (30 menit)

f. IP address DNS server : 10.1.1.1



Step 4 :

a. Jika tidak ada DNS server, maka kita tidak akan bisa terkoneksi dengan internet.

b. Salah satu fungsi DNS server : menerjemahkan nama komputer ke IP address.



6.2.3 : Exploring FTP





Step 1 : Examine FTP From The Command Prompt

d. 3 perintah FTP : ?, !, append, cd.

f. Put merupakan perintah untuk mengirimkan sebuah file

g. get :  menerima file
    send : mengirimkan file
    recv : menerima file

h. IP address computer 1 :  192.168.10.1
    IP address computer 2 : 192.168.10.2



Step 2: Use a GUI FTP client or web browser

c. Nama file yang didownload dari FTP server : Wing FTP Server v3.6.6

d. Salah satu keuntungan FTP : FTP hanya menggunakan autentikasi dasar.


6.2.4 : Configuring an Email Client
 


Step 3 : Enter POP3 e-mail Account Information


c.  Incoming (POP3) mail server adalah : pemberian nama setelah protokol pengambilan.

d.  Outgoing (SMTP) mail server adalah : seperangkat aturan atau protokol standar untuk mengirim dan menerima email di jaringan seperti Internet. Sebuah komputer yang menjalankan SMTP disebut sebagai server mail, dan idealnya memiliki uptime hampir konstan. Mail server SMTP dapat mengirim dan menerima email.


Step 5 : Reflection

a. Keuntungan menggunakan surat pos biasa : biaya nya lebih murah. 
Kerugian menggunakan surat pos biasa : memakan waktu yang lama dalam proses penyampaian.

b. Keuntungan menggunakan e-mail : jangkauan nya luas dan proses penyampaian nya sangat cepat.
Kerugian : biayanya sedikit lebih mahal daripada menggunakan surat pos biasa.

c. 5 etika pengiriman email :

- gunakan salam

- penggunaan huruf kapital

- attachment atau lampiran

- jangan sering mem-BCC orang lain

- cepat merespon email

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS