Practice Labs

The practice labs in this section will help sharpen the CLI skills you just learned. Make sure that you try to complete the labs; if you don't have a sensor, just practice on paper. (Remember that during the test, you will not always have an IDS sensor, so practicing on paper can be a good way to learn and remember.)

Lab 1: Configuring Command and Control IP Address

In this lab, configure the sensor to support the listed requirements. Listing 7.18 displays one possible solution that you can use to cross-check your answer.

The requirements follow:

  1. Set the command and control IP address to 10.1.9.201.

  2. Set the default gateway to 10.1.1.1.

  3. Remove all entries from the access list.

  4. Add the 10.1.0.0/16 network to the access list entries.

  5. Show your settings.

  6. Save your configuration to the sensor.

Listing 7.18. Lab 1 Solution
    sensor# config t
    sensor(config)# service host
    sensor(config-Host)# networkparams
    sensor(config-Host-net)# ipaddress 10.1.9.201
    sensor(config-Host-net)# netmask 255.255.255.0
    sensor(config-Host-net)# defaultGateway 10.1.1.1
    sensor(config-Host-net)# no accesslist ip address 10.0.0.0
    sensor(config-Host-net)# accesslist ip address 10.1.1.1 netmask 255.255.255.255
    sensor(config-Host-net)# show settings
    networkParams
       -----------------------------------------------
          ipAddress: 10.1.9.201
          netmask: 255.255.255.0 default: 255.255.255.0
          defaultGateway: 10.1.1.1
          hostname: sensor
          telnetOption: enabled default: disabled
          accessList (min: 0, max: 512, current: 2)
          -----------------------------------------------
             ipAddress: 10.1.1.1
             netmask: 255.255.255.255 default: 255.255.255.255
             -----------------------------------------------
          -----------------------------------------------
       -----------------------------------------------
    sensor(config-Host-net)# exit
    sensor(config-Host)# exit
    Apply Changes:?[yes]: yes
    sensor(config)# exit

Lab 2: Resetting the Signature Engine Back to Default

In this lab, configure the sensor to support the listed requirements. Listing 7.19 displays one possible solution that you can use to cross-check your answer.

The requirements follow:

  1. Reset the Atomic.UDP sensor engine back to default.

  2. Reset the Sweep.Host.ICMP sensor engine back to default.

  3. Reset the sensor.

Listing 7.19. Lab 2 Solution
    Sensor# config t
    sensor(config)# service virtual-sensor-configuration virtualSensor
    sensor(config-vsc)# reset-signatures SWEEP.HOST.ICMP all
    Warning: Executing this command will reset all specified signatures back to default.
    Continue with reset-signatures? [yes]: yes
    sensor(config-vsc)# reset-signatures ATOMIC.UDP all
    Warning: Executing this command will reset all specified signatures back to default.
    Continue with reset-signatures? [yes]: yes
    sensor(config-vsc)# exit
    sensor(config)# exit
    sensor# reset
    Warning: Executing this command will stop all applications and reboot the node.
    Continue with reset? : yes
    Broadcast message from root (Sun Dec  7 14:23:51 2003):
    A system reboot has been requested.  The reboot may not start for 90 seconds.
    Request Succeeded.
    sensor#

Lab 3: Setting the WebServer to Port 80 and Removing SSL

In this lab, configure the sensor to support the listed requirements. Use Listing 7.20 to cross-check your answer.

The requirements follow:

  1. Display the current settings of the sensor Web server.

  2. Change the default port from 443 to 80.

  3. Turn off SSL and TLS.

  4. Display the new settings.

  5. Save the settings to the sensor and reset.

Listing 7.20. Lab 3 Solution
    sensor# config t
    sensor(config)# service webServer
    sensor(config-WebServer)# show settings
    general
       -----------------------------------------------
          enable-tls: true default: true
          ports: 443 default: 443
          server-id: HTTP/1.1 compliant <defaulted>
       -----------------------------------------------
    sensor(config-WebServer)# general
    sensor(config-WebServer-gen)# port 80
    sensor(config-WebServer-gen)# enable-tls false
    sensor(config-WebServer-gen)# exit
    sensor(config-WebServer)# show settings
    general
       -----------------------------------------------
          enable-tls: false default: true
          ports: 80 default: 443
          server-id: HTTP/1.1 compliant <defaulted>
       -----------------------------------------------
    sensor(config-WebServer)# exit
    Apply Changes:?[yes]: yes
    Warning: The node must be rebooted for the changes to go into effect.
    Continue with reboot? [yes]: yes
    Broadcast message from root (Sun Dec  7 14:40:29 2003):
    A system reboot has been requested.  The reboot may not start for 90 seconds.
    sensor(config) #
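
Added example, not from the book: a short Python check that parses show settings output in the format of Listings 7.18 and 7.20, reports every setting that differs from its printed default, and picks out the ones that leave sensor management in cleartext. The sample text is constructed from the listings' values; the function names and the CLEARTEXT set are assumptions of this example.

```python
import re

# Constructed sample in the format of the "show settings" output in
# Listings 7.18 and 7.20 (values taken from those listings).
SAMPLE = """\
networkParams
   -----------------------------------------------
      ipAddress: 10.1.9.201
      netmask: 255.255.255.0 default: 255.255.255.0
      telnetOption: enabled default: disabled
      accessList (min: 0, max: 512, current: 2)
general
   -----------------------------------------------
      enable-tls: false default: true
      ports: 80 default: 443
      server-id: HTTP/1.1 compliant <defaulted>
"""

# "name: value", optionally followed by "default: value"
SETTING = re.compile(r"^\s*([\w-]+):\s*(.*?)(?:\s+default:\s*(.*?))?\s*$")
SECTION = re.compile(r"^[\w-]+$")
# Assumption of this example: values that move management traffic to cleartext.
CLEARTEXT = {("telnetOption", "enabled"), ("enable-tls", "false")}

def non_default_settings(text):
    """Return (section, name, value, default) for each setting changed from its default."""
    findings, section = [], None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or set(stripped) == {"-"}:
            continue  # blank line or rule of dashes
        match = SETTING.match(line)
        if match is None:
            if SECTION.match(line):  # unindented single word, e.g. "general"
                section = line
            continue  # prompts, list headers and other non-setting lines
        name, value, default = match.groups()
        if default is not None and value != default:
            findings.append((section, name, value, default))
    return findings

def cleartext_management(findings):
    """Names of changed settings that expose sensor management in cleartext."""
    return [name for _, name, value, _ in findings if (name, value) in CLEARTEXT]

if __name__ == "__main__":
    for finding in non_default_settings(SAMPLE):
        print(finding)
```
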

CSIDS Exam Cram 2 (Exam 642-531)
Year: 2004
Pages: 213
