ITN (Version 7.00) – ITN Final PT Skills Assessment (PTSA) Answers

ITN (Version 7.00 & v7.02) – ITN Final PT Skills Assessment (PTSA) Answers

ITN Final PT Skills Assessment (PTSA) (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.

CCNA1 – ITN Final PT Skills

Topology

A few things to keep in mind while completing this activity:

  1. Do not use the browser Back button or close or reload any exam windows during the exam.
  2. Do not close Packet Tracer when you are done. It will close automatically.
  3. Click the Submit Assessment button in the browser window to submit your work.

Assessment Objectives

Part 1: Build the Network

Part 2: Develop an IP Addressing Scheme

Part 3: Configure Basic Device Settings

Part 4: Configure Security Settings on [[R1Name]] and [[S1Name]]

Part 5: Configure the Hosts and Verify Connectivity

Answers Notes:

This Packet Tracer assessment will be completed in PT Physical Mode. Students should be familiar with how to place equipment in racks and how to cable equipment according to a logical topology.

This assessment uses variables to provide nine possible variations of the assessment to students. Three sets of variables vary the device names, addressing, and other features of the assessment. These variables vary independently. The table below provides the variable values for three scenarios. Note that generic names are used in the Feature column for the devices. Devices names will vary. Refer to the design document for more details.

Feature

Variable Scenario 1

Variable Scenario 2

Variable Scenario 3

Router Name

R1

Central-RT

Router-A

Switch Name

S1

Central-SW

Switch-A

PC-A Name

PC-A

User-A

Host-A

PC-B Name

PC-B

User-B

Host-B

Networks

192.168.10.0/24

172.16.1.0/25

209.165.201.0/27

LAN 1 hosts required

100

60

12

LAN 2 hosts required

50

20

5

Router G0/0/0 address

192.168.1.129

172.16.1.65

209.165.201.17

Router G0/0/0 mask

255.255.255.192

255.255.255.224

255.255.255.248

Router G0/0/1 address

192.168.10.1

172.16.1.1

209.165.201.1

Router G0/0/1 mask

255.255.255.128

255.255.255.192

255.255.255.240

Switch SVI

192.168.1.2

172.16.1.2

209.165.201.2

Switch PC

192.168.10.126

172.16.1.62

209.165.201.14

Router PC

192.168.10.190

172.16.1.94

209.165.201.22

Router and switch enable secret

ThisisaSecret

DontTellAnyone

NoOneShouldKnow

Router and switch console password

Ci$co12345

LetMeinNow!

Classpassw0rd

username/password

admin/Ci$co12345

root/LetMeinNow!

adminuser/Classpassw0rd

Instructions

In this assessment you will configure the [[R1Name]] router and [[S1Name]] switch, as you have done in the activities in this course. You will also connect two PCs using a switch and a router that are in the main wiring closet. You will subnet the [[Network]] network to provide IPv4 addresses for two subnets that will support the required number of hosts. The larger subnet (LAN 1) requires [[SubnetA]] hosts and the smaller subnet (LAN 2) requires [[SubnetB]] hosts. In addition, you will subnet an IPv6 network to provide two subnets with a /64 prefix length. For this, use IPv6 network, 2001:db8:acad::/48.

No subnet calculators may be used.

Device Names Table

You will receive one of three possible scenarios. In order to use the logical topology diagram that is provided with the instructions, use the device names in the Device Names Table.

Topology Diagram Name

Your Scenario Name

R1

[[R1Name]]

S1

[[S1Name]]

PC-A

[[PCAName]]

PC-B

[[PCBName]]

Addressing Requirements Table

Item

Requirements

Network Address

[[Network]]

LAN 1 subnet host requirements

[[SubnetA]]

LAN 2 subnet host requirements

[[SubnetB]]

[[R1Name]] G0/0/1

First host address in LAN 1 subnet

[[R1Name]] G0/0/0

First host address in LAN 2 subnet

[[S1Name]] SVI

Second host address in LAN 1 subnet

[[PCAName]]

Last host address in LAN 1 subnet

[[PCBName]]

Last host address in LAN 2 subnet

Part 1:Build the Network

  1. Build the network according to the logical topology by placing the required equipment in the wiring closet equipment rack.
  2. Cable the network devices in the closet as shown in the topology diagram.
  3. Connect the hosts as shown in the topology diagram.

Part 2:Develop an IP Addressing Scheme

In this part of the assessment you will develop an IP addressing scheme. You will subnet an IPv4 network to create two subnets with the required number of hosts. You will also subnet an IPv6 network. You will then assign the addresses according to the requirements below.

Work with the following information:

IPv4 Network: [[Network]]

Required number of hosts in IPv4 LAN 1: [[SubnetA]]

Required number of hosts in IPv4 LAN 2: [[SubnetB]]

  1. Record your subnet assignments according to the following requirements.

1)Assign the first IPv4 address of each subnet to a router interface

LAN 1 is hosted on [[R1Name]] G0/0/1

LAN 2 is hosted on [[R1Name]] G0/0/0

2)Assign the last IPv4 address of each subnet to the PC NIC.

3)Assign the second IPv4 address of LAN 1 to [[S1Name]] SVI.

  1. Use the IPv6 address 2001:db8:acad::/48 and create two subnets with a prefix length of /64 for use in this network.

1)Assign the first address in the second IPv6 subnet to [[R1Name]] G0/0/1.

2)Assign the first address in the third IPv6 subnet to [[R1Name]] G0/0/0.

3)Assign the tenth address in the LAN 1 IPv6 subnet to the LAN 1 PC.

4)Assign the tenth address in the LAN 2 IPv6 subnet to the LAN 1 PC.

Note: Use fe80::1 as the link-local address on both router interfaces.

Part 3:Configure Basic Device Settings

Network devices must be configured over a direct console connection.

Step 1:Configure Basic Settings

  1. Disable DNS lookup on [[R1Name]] and [[S1Name]]
  2. Enable IPv6 routing on [[R1Name]].
  3. Configure router hostname using the name [[R1Name]].
  4. Configure switch hostname using the name [[S1Name]].
  5. Configure an appropriate banner on [[R1Name]] and [[S1Name]].

Step 2:Configure Interfaces

  1. Configure [[R1Name]] G0/0/0 and G0/0/1 interfaces using the addressing from the previous part of this assessment:
  • Interface description
  • IPv4 address / subnet mask
  • IPv6 address / prefix
  • Configure the IPv6 Link Local Address for both interfaces as fe80::1
    1. Configure the [[S1Name]] VLAN 1 SVI interface using the addressing from the previous part of this assessment:
  • Interface description
  • IPv4 address / subnet mask

Part 4:Configure Security Settings on [[R1Name]] and [[S1Name]]

Step 1:Configure enhanced password security

  1. Configure [[Secret]] as the encrypted privileged EXEC password
  2. Encrypt all plaintext passwords
  3. Set minimum password length to 10 on [[R1Name]].

Step 2:Configure SSH

  1. Configure netsec.com as the domain name
  2. Configure a local user [[User]] with the encrypted password [[Password]]
  3. Allow console logins with the password [[Password]].
  4. Set login on vty lines to use local database.
  5. Configure the vty lines to accept SSH access only.
  6. Generate an RSA crypto key using 1024 bits modulus.

Step 3:Secure switch ports on [[S1Name]]

  1. Shut down all unused ports on [[S1Name]].
  2. Enter descriptions for all unused switch ports to indicate that they are intentionally shutdown.

Part 5:Configure the Hosts and Verify Connectivity

  1. Configure both hosts with the IP addresses assigned in the previous part of the assessment.
  2. There should be IPv4 and IPv6 connectivity between all network devices.

Answer Script

This assessment uses variables to vary the device names and features of the addressing scheme. Each variable can have of three values. The values can vary independently. The configurations below include the values for three variable scenarios. However, because the variables vary independently the scenarios can be mixed to make nine possible variations.

The ID numbers indicate the values for the three variables with each place in the ID representing a variable. The first variable is the addressing scheme and requirements, the second is the device names, and the third is passwords and account information values. These ID values can also be found at the end of the activity instructions. The example answers are for scenarios 000, 111, and 200. However, mixed values such as 012, 110, are possible.

Router (ID: 000)

enable

configure terminal

host R1

ipv6 unicast-routing

no ip domain-lookup

interface g0/0/0

ip address 192.168.10.129 255.255.255.192

ipv6 address 2001:db8:acad:b::1/64

ipv6 address fe80::1 link-local

no shutdown

interface g0/0/1

ip address 192.168.10.1 255.255.255.128

ipv6 address 2001:db8:acad:a::1/64

ipv6 address fe80::1 link-local

no shutdown

ip domain-name netsec.com

enable secret ThisisaSecret

username admin secret Ci$co12345

banner motd "Unauthorized Access Prohibited!"

security password min-length 10

service password-encryption

line con 0

password Ci$co12345

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 10244

end

copy run start

Switch (ID: 000)

enable

configure terminal

host S1

no ip domain-lookup

interface vlan1

ip address 192.168.10.2 255.255.255.128

no shutdown

ip domain-name netsec.com

enable secret ThisisaSecret

username admin secret Ci$co12345

banner motd "Unauthorized Access Prohibited!"

service password-encryption

line con 0

password Ci$co12345

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 1024

interface range f0/1-4, f0/7-24, g0/1-2

shutdown

end

copy run start

Router (ID: 111)

enable

configure terminal

host Central-RT

ipv6 unicast-routing

no ip domain-lookup

interface g0/0/0

ip address 172.16.1.65 255.255.255.224

ipv6 address 2001:db8:acad:b::1/64

ipv6 address fe80::1 link-local

no shutdown

interface g0/0/1

ip address 172.16.1.1 255.255.255.192

ipv6 address 2001:db8:acad:a::1/64

ipv6 address fe80::1 link-local

no shutdown

ip domain-name netsec.com

enable secret DontTellAnyone

username root secret LetMeinNow!

banner motd "Unauthorized Access Prohibited!"

security password min-length 10

service password-encryption

line con 0

password LetMeinNow!

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 1024

end

copy run start

Switch (ID: 111)

enable

configure terminal

host Central-SW

no ip domain-lookup

interface vlan1

ip address 172.16.1.2 255.255.255.192

no shutdown

ip domain-name netsec.com

enable secret DontTellAnyone

username root secret LetMeinNow!

banner motd "Unauthorized Access Prohibited!"

service password-encryption

line con 0

password LetMeinNow!

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 1024

interface range f0/1-4, f0/7-24, g0/1-2

shutdown

end

copy run start

Router (ID: 222)

enable

configure terminal

host Router-A

ipv6 unicast-routing

no ip domain-lookup

interface g0/0/0

ip address 209.165.201.17 255.255.255.248

ipv6 address 2001:db8:acad:b::1/64

ipv6 address fe80::1 link-local

no shutdown

interface g0/0/1

ip address 172.16.1.1 255.255.255.192

ipv6 address 2001:db8:acad:a::1/64

ipv6 address fe80::1 link-local

no shutdown

ip domain-name netsec.com

enable secret DontTellAnyone

username adminuser secret Classpassw0rd

banner motd "Unauthorized Access Prohibited!"

security password min-length 10

service password-encryption

line con 0

password Classpassw0rd

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 1024

end

copy run start

Switch (ID: 222)

enable

configure terminal

host Switch-A

no ip domain-lookup

interface vlan1

ip address 209.165.201.2 255.255.255.240

no shutdown

ip domain-name netsec.com

enable secret NoOneShouldKnow

username adminuser secret Classpassw0rd

banner motd "Unauthorized Access Prohibited!"

service password-encryption

line con 0

password Classpassw0rd

line vty 0 4

login local

transport input ssh

crypto key generate rsa general-keys modulus 1024

interface range f0/1-4, f0/7-24, g0/1-2

shutdown

end

copy run start

Subscribe
Notify of
guest
26 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments