If you configured this correctly as shown in Example 4-44, you have scored 3 points. NOTE When configuring the time-range feature, do not forget to configure the clock on the router; otherwise, it will not work (the time-range will remain inactive). Use the clock set command from the router enable mode prompt. The time-range feature shown on Example 4-44 is used to limit certain access or sessions to specific protocols in a certain period of time. Example 4-44. R3 Access List and time-range ConfigurationR3#show run ! ! interface FastEthernet0/1 ip address 160.10.33.3 255.255.255.0 ip access-group NO-SMTP in ! ! ip access-list extended NO-SMTP deny tcp any any eq smtp time-range no-SMTP permit ip any any ! time-range no-SMTP periodic weekdays 8:00 to 20:00 ! R3#sh time-range time-range entry: no-SMTP (inactive) periodic weekdays 8:00 to 20:00 used in: IP ACL entry R3#
If you configured this correctly as shown in Example 4-45, you have scored 2 points. Example 4-45 show the configuration to accomplish the question's requirements. To enable the IP security options, use the command ip security dedicated. Level "unclassified," and authority "genser" are the default values. To prioritize the packets, configure the ip security first command. Example 4-45. R2 IP Security Option (IPSO) ConfigurationR2#show run int fa0/0 Building configuration... Current configuration : 160 bytes ! interface FastEthernet0/0 ip address 130.200.10.2 255.255.255.0 ip security dedicated unclassified genser ip security first R2#
If you configured this correctly as shown in Example 4-46, you have scored 3 points. The configuration in Example 4-46 is the minimum configuration needed to enable the port-security feature. Observe that to configure the shutdown option you do not need to configure any extra command as it is the default. Example 4-46. Sw1 Port-Security ConfigurationSw1#show run int fa0/17 Building configuration... Current configuration : 152 bytes ! interface FastEthernet0/17 switchport mode access switchport port-security switchport port-security mac-address 0010.de48.2223 no ip address end Sw1# ! ! Sw1#show port-security int fa0/17 Port Security : Enabled Port status : SecureUp Violation mode : Shutdown Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 1 Sticky MAC Addresses : 0 Aging time : 0 mins Aging type : Absolute SecureStatic address aging : Disabled Security Violation count : 0 Sw1# |