Assessment Task 3 – My Assignment Tutor

Assessment Task 3VU21988 – Utilise basic network concepts and protocols required in cyber security Please read all assessment instructions to ensure you are clear and fully understand the requirements as outlined in each assessment task. To successfully complete this assessment task, you must meet the requirements for all criteria as listed below. Where you are unsuccessful, or you are required to provide further evidence your teacher will provide feedback and request further evidence as needed. It is important that you clearly understand all the requirements of this assessment task. If you have difficulty with the assessment terms or the steps to follow please speak to your teacher as soon as possible. Your teacher is your first point of contact when you need clarification and they will provide additional information as required to help you. Instructions to student: For this Assessment task you will individually complete the assessment, enter the commands used in all of the blank fields and answer all questions. You may use your hand-written learning journal during the assessment but access to other learning resources is not allowed. Configure PC-A as the Kali machine. Assessment Task 3 – DoS environmentTopologyAssessment Sections:Part 1: Develop the IPv4 Address SchemePart 2: Cable Initialize and Reload DevicesPart 3: Configure Device IPv4, RIP v2 and Security SettingsPart 4: Test and Verify IPv4 End-to-End ConnectivityPart 5: Configure IPv6 Addressing on R2Part 6: Test and Verify IPv6 End-to-End ConnectivityPart 7: Use the IOS CLI to Gather Device InformationPart 8: Use PC-A to launch and monitor a DoS attackPart 9: Answer final questionsPart 10: Record all device configurations ScenarioIn Assessment task 3 you will configure the devices in a small network. You must configure a router, switch and PCs to support both IPv4 and IPv6 connectivity. You will configure security, including SSH, on the routers. You will launch a DoS attack targeting the router and observe the attack taking place from PCA. In addition, you will test and document the network using common CLI commands. Required ResourcesPlease login to http://netlab.boxhill.edu.au and schedule a ‘VU21988 Advanced KALI Topology Lab’ Pod and ensure you give yourself at least four hours to allow a reasonable amount of time.NOTE: Access to the Console ports of the three network devices can only be achieved from PC-B. Multi-TAB Putty has been installed and preconfigured for ease of console access. Double click the desktop icon called: mtputtyCOM1 is directly connect to Switch-OneCOM2 is not connected.COM3 is directly connect to Router-OneCOM4 is directly connect to Router-Two Instructions CompletePlease see next page for Part 1  Part 1: Develop the IPv4 Addressing SchemeGiven an IP address and mask of 192.168.132.0/26 (address / mask), design an VLSM IP addressing scheme that satisfies the following requirements. Subnet Number of HostsSubnet A 5Subnet B 25 No subnet calculators may be used. All work must be shown on the other side of this page. Network journals are permitted. Host computers will use the first IP address in the subnet. The network router will use the LAST network host address. The switch will use the second to the last network host address. Once you have designed an appropriate addressing scheme complete the below for subnet AAnswer:Subnet ASpecification Student InputNumber of bits turned on in the subnetNew subnet mask (binary)New subnet mask (decimal)Number of usable hosts in subnet ANetwork addressFirst IP Host addressLast IP Host addressOnce you have designed an appropriate addressing scheme complete the below for subnet BAnswer:Subnet BSpecification Student InputNumber of bits turned on in the subnetNew subnet mask (binary)New subnet mask (decimal)Number of usable hosts in subnet BNetwork addressFirst IP Host addressLast IP Host address Host computers will use the first IP address in the subnet. The network router will use the LAST network host address. The switch will use the second to the last network host address Write down the IP address information for each device:Answer: Device IP address Subnet Mask GatewayPC-AR1-Gig1 N/AR1-Gig2 N/AR2-Gig1 N/AR2-Gig2 N/AS1-VLAN1 N/APC-B Part 1 CompletePlease see next page for Part 2 Part 2: Cable, Initialize and Reload DevicesCable the topology, initialise and reload routers and switch.Erase the startup configurations and VLANs from the routers and switch and reload the devices. Complete the following table:Answer: Task What IOS Command have you used to complete this taskErase the startup-config file on the Routers. Erase NVRAMReload the Routers. reloadErase the startup-config file on the Switch.Delete the vlan.dat file on the SwitchReload the Switch. Make sure you enter every command into your router and switch as well as list above! Part 2 CompletePlease see next page for Part 3  Part 3: Configure Device IPv4, RIPv2 and Security SettingsConfigure host computers.After configuring each host computer, record the host network settings Configure PC-A and record the following:Answer: PC-A Network ConfigurationDescriptionPhysical AddressPhysical Address OSI layerIP AddressSubnet MaskDefault Gateway Configure PC-B and record the following:Answer: PC-B Network ConfigurationDescriptionPhysical AddressPhysical Address OSI layerIP AddressSubnet MaskDefault Gateway Configure Router 1 and record the below:Answer: Task Specification/IOS Command Command UsedDisable DNS lookupRouter name R1-”your Student ID” R10099999Domain name BHIcyber.comEncrypted privileged exec password CybersecurityConsole access password VU21988passTelnet access password TelnetpassSet the minimum length for passwords 10 charactersCreate an administrative user in the local database Username: adminPassword: admin1passSet login on VTY lines to use local databaseSet VTY lines to accept ssh and telnet connections onlyEncrypt the clear text passwordsMOTD BannerInterface Gig1 Set the descriptionSet the Layer 3 IPv4 addressActivate InterfaceInterface Gig2 Set the description209.165.200.2 /30Activate InterfaceGenerate RSA crypto key 1024 bits modulus Configure Router 2 and record the below:Answer:Task Specification/IOS Command Command UsedDisable DNS lookupRouter name R”your Student ID” R10099999Domain name BHIcyber.comEncrypted privileged exec password CybersecurityConsole access password VU21988passTelnet access password TelnetpassSet the minimum length for passwords 10 charactersCreate an administrative user in the local database Username: adminPassword: admin1passSet login on VTY lines to use local databaseSet VTY lines to accept ssh and telnet connections onlyEncrypt the clear text passwordsMOTD BannerInterface Gig1 Set the description209.165.200.1/30Activate InterfaceInterface Gig2 Set the descriptionSet the layer 3 IPv4 addressActivate InterfaceGenerate RSA crypto key 1024 bits modulusConfigure RIPv2 on R1.Answer: Configuration Item or Task Specification Command UsedConfigure RIP Version 2Advertise directly connected NetworksAssign all directly connected networks. Configure RIPv2 on R2.Answer: Configuration Item or Task Specification Command UsedConfigure RIP Version 2Advertise directly connected NetworksAssign all directly connected networks. Configure S1.Answer: Task Specification Command UsedSwitch name S1-”Your Student ID” S18000000Configure Management Interface (SVI) Set the Layer 3 IPv4 addressEncrypted privileged exec password CybersecurityConsole access password VU21988passTelnet access password TelnetpassShutdown all unused portsLog out console and VTY idle connections after 12 minutesBlock login access for 30 seconds if there are 3 failed attempts within 130 seconds. Part 3 CompletePlease see next page for Part 4  Part 4: Test and Verify IPv4 End-to-End ConnectivityVerify network connectivity.Use the ping command to test connectivity between all network devices.Note: If pings to host computers fail, temporarily disable the computer firewall and retest. To disable a Windows 7 firewall, select Start > Control Panel > System and Security > Windows Firewall > Turn Windows Firewall on or off, select Turn off Windows Firewall, and click OK. Use the following table to methodically verify connectivity with each network device. Take corrective action to establish connectivity if a test fails:Answer: From To IP Address Source IP Address Destination Ping ResultsPC-A R1, Gig1PC-A R1, Gig2PC-A R2, Gig1PC-A R2, Gig2PC-A S1 VLAN 1PC-B R1, Gig1PC-B R1, Gig2PC-B R2, Gig1PC-B R2, Gig2PC-B S1 VLAN 1PC-B PC-APC-A PC-B What troubleshooting methodology should be used if a connectivity issue is found in the network?Answer:Ping uses which protocol to operate?Answer:In addition to the ping command, what other command is useful in displaying network delay and breaks in the path to the destination?Answer: What type of cables are being used to connect the devices? Answer: Record the MAC addresses of R1 and R2 in the table belowAnswer:Device Interface G1 Interface G2Router 1Router 2 If you were to ping from PC1 to R2 what would be the source and destination MAC addresses found on the packet between R1 and R2?Answer: Part 5: Configure IPv6 Addressing on R2Given an IPv6 network address of 2001:DB8:ACAD::/64, configure IPv6 addresses for the Gigabit interface on R2. Use FE80::1 as the link-local address on the interface. Configure R2:Configuration tasks for R2 include the following:Answer: Task Specification IOS Command usedConfigure Gig2 to use the first address in subnet B. Assign the IPv6 unicast addressAssign the IPv6 link-local addressEnable IPv6 unicast routing. Part 5 CompletePlease see next page for Part 6 Part 6: Test and Verify IPv6 ConnectivityObtain the IPv6 address assigned to host PC Obtain the IPv6 address assigned to host PCAnswer: PC-B IPv6 Network ConfigurationDescriptionPhysical AddressIPv6 AddressIPv6 Default Gateway Use the ping command to verify network connectivity.IPv6 network connectivity can be verified with the ping command. Use the following table to verify connectivity to the network device. Take corrective action to establish connectivity if a test fails:Answer: From To IP Address Source IP Address Destination Ping ResultsPC-B R2, Gig2R2, Gig2 PC-B Part 6 CompletePlease see next page for Part 7 Part 7: Use the IOS CLI to Gather Device Information Issue the appropriate command to discover the following information:Answer: Description Student InputCLI Command UsedIOS Image FileTotal RAMTotal Flash MemoryConfiguration RegisterRouter Model Enter the appropriate CLI command needed to display the following on R1:Answer: Command Description Command UsedDisplay a summary of important information about the interfaces on R1.Display the IPv4 routing table.Display the Layer 2 to Layer 3 mapping of addresses on R1.Display detailed IPv4 information about interface G0/0 on R1.Display the IPv6 routing table.Display a summary of IPv6 interface addresses and status.What command will save current configuration so it will be used the next time the router is started.(Do not issue the command on the equipment or netlab) Part 7 CompletePlease see next page for Part 8 Part 8: Use PC-A to launch and monitor a DoS attack From PC-A launch a SYN flood DoS attack on R1 targeting port 22 (hping3 – do not randomise your IP).What command did you use to launch the DoS attackAnswer:Observe the attack taking place with Wireshark on PC-A, explain which TCP flags are being sent, insert a screenshot displaying the Wireshark output confirming the attack has been successful.Answer:Are you able to SSH into the router from either PC-A or PC-B? Explain your answer.Answer:Cancel the current attack and launch the same attach again but randomise the source IP address.What command would achieve the source IP to be randomly generated?Answer:What are the main differences and characteristics of TCP and UDP?Answer: Part 8 CompletePlease see next page for Part 9  Part 9: Answer final questions What software tools have you used in this assessment task?Answer:Describe how you would use virtualisation to recreate this topology either at home or in the classroomAnswer:What are the advantages and disadvantages of using a scripting language in networking?Answer: Part 9 CompletePlease see next page for Part 10 Part 10: Final Device ConfigurationsPaste the running configurations of the three network devices below: Router One – Running ConfigurationAnswer:Router Two – Running ConfigurationAnswer:Switch One – Running ConfigurationAnswer: Part 10 CompleteThis is the end of the Assessment Task Cleanup:NOTE: DO NOT PROCEED WITH CLEANUP UNTIL YOUR INSTRUCTOR HAS INFORMED YOU THAT YOU MAY BEGIN CLEANUP.• When directed by the instructor, restore host computer network connectivity, and then turn off power to the host computers.• Before turning off power to the router and switch, remove the NVRAM configuration files (if saved) from both devices.• Disconnect and neatly put away all LAN cables that were used.

QUALITY: 100% ORIGINAL PAPER – NO PLAGIARISM – CUSTOM PAPER

Leave a Reply

Your email address will not be published. Required fields are marked *