CCIE Security Self-Study Lab Part II: Advanced Security Design (4 Hours)

The final section, Part II, concentrates on the advanced security topics that are possible in the CCIE Security exam. Now that Part I has been configured and all devices are communicating, you can add security to the network and ensure that the network is safe from intruders or hackers.

IP Access List

On R5, configure an access list that meets the following criterion and contains the fewest configuration lines as possible:

  • Apply the access list on the outbound interface on R5's Fast Ethernet link to R4.

  • Deny any TCP packet with source address 129.57.204.0/24.

  • Deny any TCP packet with source address 129.57.140.0/24.

  • Deny any TCP packet with source address 225.133.29.0/24.

  • Deny ...

Get CCIE Security Exam Certification Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.