Student Name _________________________________ Date _____________
SEC450 iLab3 Report
Initial Configuration ISP Router
version 12.3(4)T7
!
hostname ISP_Router
!
interface FastEthernet0/0 ip address 200.100.0.1 255.255.255.0
!
interface FastEthernet1/0 ip address 200.100.40.1 255.255.255.0
!
interface Serial0/0 ip address 200.100.10.1 255.255.255.0
!
interface Serial0/1 ip address 200.100.20.1 255.255.255.0
!
router rip network 200.100.0.0 network 200.100.10.0 network 200.100.20.0 network 200.100.40.0
!
line con 0 line aux 0 line vty 0 4 password cisco line vty 5 15 password cisco
!
end
Note: RED text indicates the required questions to answer
Task to Set up Security Policy for Offsite Database Server
#1. Explain the meaning of the "three P's" best practice rule to create ACL in routers
#2. Explain the difference between the following two access-list commands
a) access-list 101 permit tcp any any eq 80
b) access-list 101 permit tcp any eq 80 any
#3. What are well-known, registered, and ephemeral UDP/TCP ports?
#4. What is wrong with ACL 105? access-list 105 permit tcp any any access-list 105 deny tcp host 201.141.0.3 any
#5. What well-known TCP port does Oracle Database (sql net) server use?
#6. A company is managing an Oracle Database located in a Public Server to support day-to-day operations in Dallas and Chicago networks. The company has requested its Internet Access Provider (ISP) to create the necessary ACL at the ISP router securing that only responses from Oracle server to certain hosts are allowed to enter Dallas and Chicago LANs.
ISP network engineers decided to use extended ACL, and applies it to F0/0 interface in ISP router. Why did they decide to create an extended ACL and apply it in interface F0/0 for