CCNA 3 V5 Skill Test Exam practice

exam-soultion

List of Area cover :

  • Configuration of initial device settings
  • IPv4 address assignment and configuration
  • Configuration and addressing of device interfaces
  • Configuration of the OSPFv2 routing protocol
  • Configuration of a default route
  • Configuration of ACL to limit device access
  • Configuration of switch management settings including SSH
  • Configuration of port security
  • Configuration of unused switch ports according to security best practices
  • Configuration of RPVST+
  • Configuration of  EtherChannel
  • Configuration of a router as a DHCP server
  • Configuration of VLANs and trunks
  • Configuration of routing between VLANs

Site 1:

  • Configure initial device settings.
  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.

HQ:

  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.
  • Configure named and numbered ACLs.
  • Configure and propagate a default route through OSPFv2.

Site 2:

  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure DHCP pools and excluded addresses.
  • Configure routing between VLANs.
  • Configure a standard ACL.
  • Configure OSPFv2.

SW-A:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Secure unused switch ports.
  • Configure port security.

SW-B:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings with SSH.
  • Activate RPVST+.

SW-C:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Configure switch ports with PortFast and BPDU Guard.

Router>en

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname site-1
site-1(config)#no ip domain ?
lookup Enable IP Domain Name System hostname translation
name Define the default domain name
site-1(config)#no ip domain lookup
site-1(config)#enable secret cisco
site-1(config)#line console 0
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#
site-1(config-line)#exit
site-1(config)#line vty 0 4
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#exit
site-1(config)#
site-1(config)#line aux 0
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#exit
site-1(config)#line console 0
site-1(config-line)#logging sy
site-1(config-line)#logging synchronous
site-1(config-line)#exit
site-1(config)#banner motd “Authorized access only”
site-1(config)#service password en
site-1(config)#service password-en
site-1(config)#service password-encryption
site-1(config)#
site-1(config)#int s0/3/0
site-1(config-if)#bandwid
site-1(config-if)#bandwidth 128
site-1(config-if)#clock rate 64000
site-1(config-if)#ip address 192.168.100.22 255.255.255.252
site-1(config-if)#descripti
site-1(config-if)#description 2-central
site-1(config-if)#ip ospf cost 7500
site-1(config-if)#ip ospf mess
site-1(config-if)#ip ospf message-digest-key 1 md
site-1(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
site-1(config-if)#ip ospf authentication message-digest
site-1(config-if)#no shut

site-1(config)#int g0/0
site-1(config-if)#ip address 192.168.8.1 255.255.255.0
site-1(config-if)#des
site-1(config-if)#description
site-1(config-if)#description message-1A
site-1(config-if)#no shut

site-1(config-if)#
site-1(config)#int g0/1
site-1(config-if)#ip address 192.168.9.1 255.255.255.0
site-1(config-if)#des
site-1(config-if)#description clerck-1C
site-1(config-if)#no shut

OSPF on Site-1

site-1(config)#router ospf 1
site-1(config-router)#router-id 1.1.1.1
site-1(config-router)#area 0 authentication message-digest
site-1(config-router)#network 192.168.100.20 0.0.0.3 area 0
site-1(config-router)#network 192.168.8.0 0.0.0.255 area 1
site-1(config-router)#network 192.168.9.0 0.0.0.255 area 1
site-1(config-router)#

site-1(config-router)#passive-interface g0/0
site-1(config-router)#passive-interface g0/1
HQ:

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain lookup
Router(config)#line console 0
Router(config-line)#logg
Router(config-line)#logging s
Router(config-line)#logging synchronous
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#line aux 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#service pass
Router(config-line)#service password
Router(config-line)#service password-encryption
Router(config)#banner motd “Authorized access only”
Router(config)#

Router(config)#int s0/3/0
Router(config-if)#bandwidth 128
Router(config-if)#ip address 192.168.100.21 255.255.255.252
Router(config-if)#description 2-East
Router(config-if)#ip ospf cost 7500

Router(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
Router(config-if)#ip ospf authentication message-digest
Router(config-if)#no shut

Router(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

Router(config-if)#exit
Router(config)#

Router(config)#int s0/3/1
Router(config-if)#bandwidth 128
Router(config-if)#ip address 192.168.100.37 255.255.255.252
Router(config-if)#description 2-west
Router(config-if)#clock rate 128000

Router(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
Router(config-if)#ip ospf authentication mess
Router(config-if)#ip ospf authentication message-digest
Router(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/3/1, changed state to down
Router(config-if)#exit
Router(config)#

Router(config)#router ospf 1
Router(config-router)#router-id 2.2.2.2
Router(config-router)#area 0 authentication me
Router(config-router)#area 0 authentication message-digest
Router(config-router)#default-i
Router(config-router)#default-information or
Router(config-router)#default-information originate
Router(config-router)#network 192.168.100.20 0.0.0.3 area 0
Router(config-router)#

Router(config-router)#network 192.168.100.36 0.0.0.3 area 0

Site-2 Area 2:

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname site-2
site-2(config)#no ip domain lookup
site-2(config)#enable secret cisco

site-2(config)#line console 0
site-2(config-line)#logg
site-2(config-line)#logging s
site-2(config-line)#logging synchronous
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#
site-2(config-line)#line aux 0
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#
site-2(config-line)#line vty 0 4
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#

site-2(config)#service password-encryption
site-2(config)#banner motd “Authorized access only”
site-2(config)#

site-2(config)#int s0/3/1
site-2(config-if)#bandwidth 128
site-2(config-if)#ip address 192.168.100.38 255.255.255.252
site-2(config-if)#description 2-central
site-2(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
site-2(config-if)#ip ospf authentication message-digest
site-2(config-if)#no shut

site-2(config)#ip dhcp excluded-address 10.10.2.1 10.10.2.5
site-2(config)#ip dhcp excluded-address 10.10.4.1 10.10.4.5
site-2(config)#ip dhcp excluded-address 10.10.8.1 10.10.8.5
site-2(config)#ip dhcp pool vlan2pool
site-2(dhcp-config)#network 10.10.2.0 255.255.255.0
site-2(dhcp-config)#default-router 10.10.2.1
site-2(dhcp-config)#dns-server 192.168.200.225

site-2(config)#ip dhcp pool vlan4pool
site-2(dhcp-config)#network 10.10.4.0 255.255.255.0
site-2(dhcp-config)#default-router 10.10.4.1
site-2(dhcp-config)#dns
site-2(dhcp-config)#dns-server 192.168.200.225
site-2(dhcp-config)#

site-2(config)#ip dhcp pool vlan8pool
site-2(dhcp-config)#network 10.10.8.0 255.255.255.0
site-2(dhcp-config)#default
site-2(dhcp-config)#default-router 10.10.8.1
site-2(dhcp-config)#dns
site-2(dhcp-config)#dns-server 192.168.200.225
site-2(dhcp-config)#exit
site-2(config)#

Inter – Vlan:
site-2(config)#int g0/0.2
site-2(config-subif)#encapsulation do
site-2(config-subif)#encapsulation dot1Q 2
site-2(config-subif)#ip address 10.10.2.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.4
site-2(config-subif)#encapsulation dot1Q 4
site-2(config-subif)#ip address 10.10.4.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.8
site-2(config-subif)#encapsulation dot1Q 8
site-2(config-subif)#ip address 10.10.8.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.15
site-2(config-subif)#en
site-2(config-subif)#encapsulation d
site-2(config-subif)#encapsulation dot1Q 15
site-2(config-subif)#ip address 10.10.15.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.25
site-2(config-subif)#encapsulation dot1Q 25
site-2(config-subif)#ip address 10.10.25.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#
Router summarization:
site-2(config)#int s0/3/1
site-2(config-if)#ip summary-address eigrp 100 10.10.0.0 255.255.240.0
site-2(config-if)#exit

Access-list:

site-2(config)#access-list 1 permit 10.10.15.0 0.0.0.255
site-2(config)#int g0/0.25
site-2(config-subif)#ip access-group 1 out
site-2(config-subif)#
OSPF

site-2(config-router)#router-id 3.3.3.3
site-2(config-router)#passive-in
site-2(config-router)#passive-interface g0/0
site-2(config-router)#network 192.168.100.36 0.0.0.3 area 0
site-2(config-router)#
site-2(config-router)#network 10.10.2.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.4.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.8.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.15.0 0.0.0.255 area 2
site-2(config-router)#

SW1:

Switch>
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname Bldg1
Bldg1(config)#no ip domain lookup
Bldg1(config)#enable secret cisco
Bldg1(config)#service pass
Bldg1(config)#service password-encryption
Bldg1(config)#
Bldg1(config)#line console 0
Bldg1(config-line)#lo
Bldg1(config-line)#log
Bldg1(config-line)#logging s
Bldg1(config-line)#logging synchronous
Bldg1(config-line)#password cisco
Bldg1(config-line)#login

Bldg1(config)#line vty 0 5
Bldg1(config-line)#password cisco
Bldg1(config-line)#login
Bldg1(config-line)#exit
Bldg1(config)#banner motd “Authorized access only”
Bldg1(config)#

Bldg1(config)#ip default-gateway 10.10.25.1

Bldg1(config)#vlan 2
Bldg1(config-vlan)#name sales
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 4
Bldg1(config-vlan)#name prod
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 8
Bldg1(config-vlan)#name acct
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 15
Bldg1(config-vlan)#name admin
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 25
Bldg1(config-vlan)#name sv1-net
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 99
Bldg1(config-vlan)#name null
Bldg1(config-vlan)#exit
Bldg1(config)#
Bldg1(config)#int vlan 25
Bldg1(config-if)#

%LINK-5-CHANGED: Interface Vlan25, changed state to up

Bldg1(config-if)#ip address 10.10.25.254 255.255.255.0
Bldg1(config-if)#no shut
Bldg1(config-if)#

Bldg1(config-if)#int fa0/5
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 2
Bldg1(config-if)#exit
Bldg1(config)#int fa0/6
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 4
Bldg1(config-if)#exit
Bldg1(config)#int fa0/7
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 8
Bldg1(config-if)#exit
Bldg1(config)#int fa0/8
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 15
Bldg1(config-if)#exit
Bldg1(config)#

Bldg1(config)#int range fa0/9-24
Bldg1(config-if-range)#switchport mode access
Bldg1(config-if-range)#switchport access vlan 99
Bldg1(config-if-range)#shutdown
Ether-channel:
Bldg1(config)#int range fa0/1,fa0/4
Bldg1(config-if-range)#channel-group 1 mode active
Bldg1(config)#int port-channel 1
Bldg1(config-if)#switchport mode trunk

Bldg1(config)#int range fa0/2-3
Bldg1(config-if-range)#channel-group 2 mode active
Bldg1(config-if-range)#int port-channel 2
Bldg1(config-if)#switchport mode trunk
Bldg1(config-if)#
PVST+:

Bldg1(config)#spanning-tree mode rapid-pvst
Bldg1(config)#spanning-tree vlan 2 root primary
Bldg1(config)#s
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 4 root primary
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 8 root secondary
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 15 root secondary
Bldg1(config)#

configure port-Security :

Bldg1(config)#int fa0/5
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#

ldg1(config)#int fa0/6
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#

Bldg1(config)#int fa0/7
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#
SW-B:

Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname Bldg2
Bldg2(config)#no ip domain lookup
Bldg2(config)#enable secret cisco
Bldg2(config)#service pass
Bldg2(config)#service password-encryption
Bldg2(config)#line console 0
Bldg2(config-line)#password cisco
Bldg2(config-line)#logging s
Bldg2(config-line)#logging synchronous
Bldg2(config-line)#login
Bldg2(config-line)#
Bldg2(config-line)#line vty 0 15
Bldg2(config-line)#password cisco
Bldg2(config-line)#login
Bldg2(config-line)#exit
Bldg2(config)#banner motd “Authorized access only”
Bldg2(config)#

Bldg2(config)#line console 0
Bldg2(config-line)#password cisco
Bldg2(config-line)#logging s
Bldg2(config-line)#logging synchronous
Bldg2(config-line)#login
Bldg2(config-line)#
Bldg2(config-line)#line vty 0 15
Bldg2(config-line)#password cisco
Bldg2(config-line)#login
Bldg2(config-line)#exit
Bldg2(config)#banner motd “Authorized access only”
Bldg2(config)#
Bldg2(config)#
Bldg2(config)#ip ssh version 2
Please create RSA keys (of at least 768 bits size) to enable SSH v2.
Bldg2(config)#ip domain-name ccna.com
Bldg2(config)#crypto key generate rsa
The name for the keys will be: Bldg2.ccna.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]
Vlan :
Bldg2(config)#
Bldg2(config-line)#login local
Bldg2(config-line)#transport input ssh
Bldg2(config-line)#exit
Bldg2(config)#line vty 5 15
Bldg2(config-line)#login local
Bldg2(config-line)#transport input ssh
Bldg2(config-line)#ip default-gateway 10.10.25.1
Bldg2(config)#
Bldg2(config)#vlan 2
Bldg2(config-vlan)#name sales
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 4
Bldg2(config-vlan)#name prod
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 8
Bldg2(config-vlan)#name acct
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 15
Bldg2(config-vlan)#name admin
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 25
Bldg2(config-vlan)#name sv1-net
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 99
Bldg2(config-vlan)#name null

Bldg2(config)#int vlan 25
Bldg2(config-if)#
Bldg2(config-if)#ip address 10.10.25.253 255.255.255.0
Bldg2(config-if)#no shut
Bldg2(config)#int fa0/5
Bldg2(config-if)#switchport mode trunk

Ether-channel 1:

Bldg2(config)#int range fa0/1, fa0/4
Bldg2(config-if-range)#channel-group 2 mode active
Bldg2(config-if-range)#int port-channel 2
Bldg2(config-if)#switchport mode trunk
Bldg2(config-if)#
Bldg2(config-vlan)#exit
Bldg2(config)#

Bldg2(config)#int range fa0/2-3
Bldg2(config-if-range)#channel-group 3 mode active
Bldg2(config-if-range)#int port-channel 3
Bldg2(config-if)#switchport mode trunk

-PVST+
Bldg2(config)#spanning-tree mode rapid-pvst
Bldg2(config)#
SW -C:

Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname bldg3
bldg3(config)#
bldg3(config)#no ip domain lookup
bldg3(config)#enable secret cisco
bldg3(config)#service pass
bldg3(config)#service password-encryption
bldg3(config)#banner motd “Authorized access only”
bldg3(config)#
bldg3(config)#line console 0
bldg3(config-line)#password cisco
bldg3(config-line)#login
bldg3(config-line)#
bldg3(config-line)#line vty 0 5
bldg3(config-line)#pass cisco
bldg3(config-line)#login
bldg3(config-line)#exit
bldg3(config)#

bldg3(config)#ip default-gateway 10.10.25.1

bldg3(config)#vlan 2
bldg3(config-vlan)#name sales
bldg3(config-vlan)#exit
bldg3(config)#vlan 4
bldg3(config-vlan)#name prod
bldg3(config-vlan)#exit
bldg3(config)#vlan 8
bldg3(config-vlan)#name acct
bldg3(config-vlan)#exit
bldg3(config)#vlan 15
bldg3(config-vlan)#name admin
bldg3(config-vlan)#exit
bldg3(config)#vlan 25
bldg3(config-vlan)#name sv1-net
bldg3(config-vlan)#exit
bldg3(config)#vlan 99
bldg3(config-vlan)#name null
bldg3(config-vlan)#exit
bldg3(config)#

bldg3(config)#int vlan 25
bldg3(config-if)#ip address 10.10.25.252 255.255.255.0
bldg3(config-if)#no shut
bldg3(config-if)#
Ether channel 1:

bldg3(config)#int range fa0/1, fa0/3
bldg3(config-if-range)#channel-group 3 mode active
bldg3(config-if-range)#int port-channel 3
bldg3(config-if)#switchport mode trunk
bldg3(config-if)#
bldg3(config)#int range fa0/2,fa0/4
bldg3(config-if-range)#channel-group 2 mode active
bldg3(config-if-range)#

bldg3(config-if-range)#int port-channel 2
bldg3(config-if)#switchport mode trunk
bldg3(config-if)#exit
bldg3(config)#

PVST+
bldg3(config)#spanning-tree mode rapid-pvst
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 2 root secondary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 4 root secondary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 8 root primary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 15 root primary
bldg3(config)#

port fast BPDU Guard Configure :

bldg3(config)#int range fa0/5-8
bldg3(config-if-range)#sp
bldg3(config-if-range)#spanning-tree portfast

bldg3(config-if-range)#spanning-tree bpduguard enable
bldg3(config-if-range)#no shut
bldg3(config-if-range)#

bldg3(config)#int fa0/5
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 2
bldg3(config-if)#exit

bldg3(config)#int fa0/6
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 4
bldg3(config-if)#exit
bldg3(config)#int fa0/7
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 8
bldg3(config-if)#exit
bldg3(config)#int fa0/8
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 15
bldg3(config-if)#

Thank you

Momataj Momo

Advertisements

2 thoughts on “CCNA 3 V5 Skill Test Exam practice

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s