Home > Articles > Cisco Certification > CCIE > CCIE Security Practice Labs

CCIE Security Practice Labs

Section 9.0: IP Services and Protocol-Independent Features (10 points)

9.1: NAT (4 points)

  1. Create a loopback on R3 with 192.168.3.1/24. Configure NAT translation on R3 for this network to be translated to interface IP address with overload. You should be able to ping anywhere in the network from R3 sourcing from this loopback and get NATed to the corresponding egress interface.

9.2: NTP (2 points)

  1. Configure R1 clock polling from NTP server R2. All NTP packets should be encrypted. Update the system.

9.3: SNMP (2 points)

  1. Configure R3 to report the BGP configuration to Network Management System 192.168.6.99 (NATed 10.50.31.99). Configure the appropriate static/ACL on the PIX to achieve this task.

9.4: Policy Routing (2 points)

  1. There is a mail server 10.50.31.98 and a web server 10.50.31.99 on VLAN20. Configure such that networks behind and from R1

  2. Traverse via R2 to reach the mail server
    Traverse via R3 to reach the web server
13. Section 10.0: Security Violations (5 points) | Next Section Previous Section