SCHOOL OF INFORMATION TECHNOLOGY AND ENGINEERING
CSE3501- Information Security Analysis and Audit
Lab Assessment – 2
1) Access Control List (Standard/Extended)
Instruction:
Read the initial configuration of the network to implement the Access Control List. The soft copy
of your lab document should contain the following, in the same order:
a. Snapshot of the network configuration
b. Copy the questions (8 questions)
c. For each question write your inference
Initial Configuration
Configure two networks, A and B. Connect networks A and B to the static routers R1_regno
and R2_regno. In network A, configure one host (H1), and in the other network (B), configure two
hosts, namely H2 and H3. The organization wants to provide a more secure network by filtering
the traffic across the router. For this purpose, the network administrator creates a Standard Access
List, which acts as a firewall in the router to deny and permit IP addresses crossing that particular
router. To implement the above scenario in the network, perform and answer the following.
Figure 1.1 XYZ company network
Questions:
(1) Create the Standard Access List (ACL-1) using the following rules
a. Accept the communication from device H2 to H1
b. Deny the communication from H3 to H1
(2) Apply the access list to the interface on the router as “outbound”
(3) Verify the created Access List by checking whether H2 and H3 can reach the destination host H1
(4) Install a new host (H4) in network B in Figure 1.1
(5) What will happen if the access list entries are applied in the order given below? State your
inference for each case.
a) Case 1: Deny H3
           Permit any
           Deny H2
b) Case 2: Deny H3
           Deny H2
           Permit any
(6) Delete the access list (ACL-1)
(7) Configure another network C with one host H5 connected to the Router R2 as shown in
Figure 1.2
(8) Create an Extended ACL-2 on R2 as “inbound” to deny and permit traffic by source and destination
IP address. ACL-2 should deny H2 access to H1 and permit access to all the other hosts.
Figure 1.2
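The following is an added example, not part of the original lab sheet: a small Python model of how a Cisco standard ACL is evaluated (source address only, top-down, first match wins, implicit deny at the end), applied to ACL-1 from question 1 and the two orderings in question 5. The host IP addresses are constructed assumptions, since the sheet gives none, and the function names are hypothetical.

```python
import ipaddress

# Constructed addresses (assumptions): the lab sheet names hosts but gives no IPs.
# A standard ACL ignores the destination, so H1 needs no address here.
H2, H3, H4 = "192.168.2.10", "192.168.2.20", "192.168.2.30"

def _net(source):
    """Turn an ACL source ('any' or a host address) into a network object."""
    return ipaddress.ip_network("0.0.0.0/0" if source == "any" else source)

def evaluate(acl, src):
    """First-match evaluation on the source address only.
    Returns (action, entry_number); entry_number is None for the implicit deny."""
    addr = ipaddress.ip_address(src)
    for number, (action, source) in enumerate(acl, start=1):
        if addr in _net(source):
            return action, number
    return "deny", None  # implicit "deny any" that ends every ACL

def shadowed_entries(acl):
    """Entry numbers that can never match because an earlier entry covers them."""
    earlier, dead = [], []
    for number, (_, source) in enumerate(acl, start=1):
        net = _net(source)
        if any(net.subnet_of(prev) for prev in earlier):
            dead.append(number)
        earlier.append(net)
    return dead

ACL_1 = [("permit", H2), ("deny", H3)]                     # question 1
CASE_1 = [("deny", H3), ("permit", "any"), ("deny", H2)]   # question 5a
CASE_2 = [("deny", H3), ("deny", H2), ("permit", "any")]   # question 5b

if __name__ == "__main__":
    for name, acl in (("ACL-1", ACL_1), ("Case 1", CASE_1), ("Case 2", CASE_2)):
        print(name, "shadowed entries:", shadowed_entries(acl))
        for host, ip in (("H2", H2), ("H3", H3), ("H4", H4)):
            action, number = evaluate(acl, ip)
            where = f"entry {number}" if number else "implicit deny"
            print(f"  {host} -> H1: {action} ({where})")
```

Running it lists, for each ordering, which entries are unreachable and which entry decides the traffic from H2, H3 and the newly added H4.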
2) Configure the Cisco ASA Firewall and a Router
In this lab exercise you will complete the following tasks:
● Task 1:
Set up the physical network with PCs, Switch, Router and Firewall and its
console
● Task 2:
Configure basic Cisco ASA Firewall features to protect Internet access to
an enterprise network
Test and verify the basic Firewall and the Cisco Router operation and
configuration
● Task 3:
Configure an Outbound ACL / Test and Verify the Outbound ACL
Create a document with all snapshots of your work, including the network diagram
and commands given.
● Task 4:
Configure the Firewall as a NAT