DIAG Answers And Ideas ccie lab material

PASSHOT shares some CCIE Lab learning materials. If you are studying CCIE R&S lab, it will be of great help to you!


DIAG If there are two options that are the same or optional, the previous option is preferred! =========================================================== ===================
DIAG 1
The first question is if SW3 has port-security or DIAG1 is not DIAG1+
The second question is if e16/0 of R16 the mask is /30 is DIAG1, if it is /29 it will be DIAG1+

DIAG1 Answer -------------
T1 STP
Q1: SW3, command: show ip int bri
Q2: What information is used to confirm the problem: HOST1, what the mac add of e0/0
T2 DMVPN
Q1: Problematic equipment: R15;
Q2: Solution: Remove E0/0 from EIGRP;
T3: URPF
Q1 drag title (abandon) remember that the traffic is from R1-->R3-->R2-->R1 drop
Q2: Asymmetric routing using URPF is selected
DIAG1+ answer -------------
T1 STP
Q1: SW3, command:show spanning-tree
Q2: Need help-desk engineer to confirm what information: SW3, show vtp password T2 DMVPN Q1: problematic device: R16;
Q2: Solution: increase the mask length of R16 E0/0; increase the mask length..
T3: URPF
Q1: Totu (abandon) remember that traffic is from R1-->R3-->R2-->R1 drop Q2: Select with strict URPF and destination-based load balancing options, strict uRPF and Per-destination load-balancing

=========================================================== ===================
DIAG 2
The second question is if the R2 has an RP route, it is DIAG2.
The second question is if the R2 has no RP route, it is DIAG2 + DIAG2 Answer -----------
T1
Q1 How to quickly confirm the problem: Configure CE2 to have a higher HSRPv6 priority;
Q2 1) The root cause of the current problem: the wrong HSRP configuration; 2) Which device is the problem? CE1; Which device is causing: unknown device in CE's LAN;
Q3 Select the first frame id from the capture packet To prove your guess: filter [ipcmpv6.type==134], select RA from FE80: 666, the answer is 193;
T2 multicast
Q1 What is the problem? R3 has no route to RP;
Q2 What questions would you ask your engineer? Why is 10.4.1.0/24 is not in R3's RIB Q3 How to solve this problem temporarily? Add an ipv4 route or mroute to R4 on R3;
DIAG2+ Answer----------
T1
Q1 How to quickly confirm the problem: shutdown CE1 's e0/0;
Q2 1) The root cause of the current problem: high preference gateway info is sent out; 2) Which device is the problem? unknow device in CE's LAN;
Q3 Select the first frame id from the capture packet To prove your guess: filter [ipcmpv6.type==134], select RA from FE80: 666, the answer is 227;
T2 multicast
Q1 What is the problem? R2 has no route to RP;
Q2 What questions would you ask your engineer? Why is 10.4.1.0/24 is not in R2's RIB
Q3 How to solve this problem temporarily? Add an ipv4 route to R4 on R2 or Mroute;

=========================================================== ===================
DIAG 3

T1 DAI
Q1 problematic device and search command: SW1, show ip dhcp relay info trusted-sources
Q2 Which capture package can help find the cause of the problem: [DIAG3 answer: seq 113; DIAG3+ Answer: 114; DIAG3+++ Answer: 114], [Filter bootp, discovery message with source address 0.0.0.0] The problem is that the source address is 0.0.0.0
Q3 capture location: between SW1 - SW3

T2 Sec filters [tcp.port==1337], and destination port 1337 corresponds to destinaion ip as the server address;

The 4 options in Q1 are
1) Server TCP is connected to the attacker's site or the server is connected to the router through a vty or router TCP connection to the attacker; (DIAG3++tcp session from 10.1.1.1 to the router Via vty, does this item mean to say that the server is actively connecting?)
2) The remote attacker connects to the server's tcp 1337 port;
3) Then download a tcl script via http;
4) A malware is installed through the back door;
The Q2 solution is to end the process with server power off or kill e;
The command used by the Q3 attacker is tclsh

Unfinished...

Comments

Post a Comment

Popular posts from this blog

What is proxy communication?

Image
Is it correct to understand the working level of forward proxy reverse proxy transparent proxy? Forward proxy and reverse proxy (application load balancing, some NG reverse proxy) can be understood as a man-in-the-middle mode. At the same time, both ends establish a TCP connection, and then the man-in-the-middle performs TCP connection between the two ends. Can a transparent proxy be understood as a simple and crude "hijacking" of a passing data packet, without splitting the complete TCP connection into two independent segments. So, in this sense, this kind of transparent proxy is similar to the working hierarchy of NAT devices? Preface I once saw a person write tens of thousands of words to answer a question, and read it after three days. Shocked, what is all this for? These words can produce a book, and it is also a reward for your hard work. However, I think the man has always been happy, but there is no doubt that his reputation (Reputation) is in full swin
Read more

How to choose Cisco dumps?

Image
In this era of lack of trust between people, if you want to buy one thing, in addition to buying on a platform such as a regular platform, such as Amazon. Do you still believe in other self-built platforms? I believe many people have the experience of being cheated. lowest The means of defrauding money is: Your good friend comes to borrow money from you, and you have a relationship card with you so that you can lend him money. At this time, according to the normal person’s thinking, this friend has known me for many years that he might not take the money away. Note that it is often the same idea that gives others the opportunity to owe money. If the amount borrowed is not high, then it is okay. Once the amount you borrowed is too large, you should be careful and your money may not be returned! Back to the topic, in this era of lack of trust, how to choose the Cisco dumps have become an important topic. First, when you buy it depends on whether the website's URL link is https
Read more

What are CCNP Data Center jobs in Dubai?

Image
  What are CCNP Data Center jobs in Dubai? Over the last few years, Cisco accreditations have gotten popular astonishingly. Undoubtedly, Cisco certifications would be deemed the outright most necessary certificates in the field of computer system networking. About Cisco certifications, there would be an extensive range of choices. To help your career and assist you in opening brand-new doors in your career, you need the ideal accreditations. Cisco introduced its primary certification program in 1998. The essential idea behind the accreditations was to supplement the CCIE or Cisco Certified Internetwork Expert program. Cisco would have extended its qualifications and supplies lots of certifications for experts of all experience levels from that point forward. CCNP Overview: CCNP or Cisco Certified Network Professional is considered the certification available for IT specialists with one year of expert experience in computer system networking. A diploma or equivalent in a significant fie
Read more