🔴 Network Security Quiz for CCNA ❕

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] [Music] [Music] [Laughter] do [Music] [Music] it is great to have everybody here thanks for showing up a few minutes early we're gonna start in about five minutes and uh i'm glad you're here i had a great week oh my gosh friday i took the nrc exam this is part of the ccnp and uh really challenging exam passed it thankfully i've been doing some more work in the office working on sd-wan having a lot of fun so i've been keeping really really busy but i absolutely enjoy connecting with you occasionally here on youtube so thank you very much also right after the quiz today i'm gonna be jumping on the discord server so if you want to join us there afterwards feel free i'll be in the ccna voice chat room on the discord server links in the description below all right so i'm gonna go radio silent for a moment or two and uh we'll be back in just a little bit to kick off the game thanks for being here just gonna test a few of my screens real quick that should be the full screen that should be the full desktop that's the full desktop and me up in the corner and this is me with a ticker yep okay all good see you in the game [Music] [Music] [Music] [Music] [Music] how [Music] [Music] so unbelievable unbelievable rookie mistake i was muted thank you for telling me i should have been looking at the chats the key is you're here i'm glad you're here and enjoy the quiz all right use a password manager oh my gosh so you had an opportunity to watch me just blah blah blah with my mouth without the audio on i turned it off earlier because i wanted to make sure i could type stuff and i have the key noise come in i'll clip that off in post once it's up there that's so funny all right what is the best practice for users and their passwords and the answer to that is a password manager if you are not using a password manager yet you need to start and so um that's the number one thing that an average user can do is use a password manager to protect their passwords all right all right and oh my gosh so great um let me check the stream real quick i set the delay to the ultra low delay so i think from a youtube perspective we are at the fastest response possible also most these questions have 60 to 90 seconds so here everybody is question number two and ryan's saying yeah i'm sure it was amazing what he was saying absolutely all right i appreciate the love in the chats by the way so let me call him who has his number so uh kelvin reached out to me and let me know i was muted as well thank you everybody i appreciate you all right after pressing enter what is required for access let's take a look at this bad boy let me bring out a pin real quick and let's talk about this for a moment so we have a username jim and this user is in the local database whenever it says local database like you should read cisco documentation it talks about the local database it means the running config on that local device that would mean the running config on r3 so we have a local username called jim he's got a privilege of level five and there's his password and then we have an enable secret of this and we have enabled password of this we should anytime you type in the word password on a cisco device these days think twice because that refers to legacy and less encrypted uh security but anyway um on this ios device it's supported both of them if they're both present the enable secret is going to win that's the privilege level 15 secret so currently jim is logged in and i think jim typed in disable yes he did and to get back into privilege mode he's going to need the enable secret he's not gonna have to log back in he's already logged in i has to do is type in enable put in the enable secret and he is good to go all right and we had a lot of people that got that question correct very proud of you 58 way to go here's the next question it is this using telnet on a vty line which of the following is true for the authentication [Music] so [Music] so [Music] all right we have a minority vote here for 19 or for the blue and i'd like to talk about this just for a moment so let's treat this like a learning experience because that's definitely what it is and let me bring up a pen and let me use this color all right so if i was given a scenario like this i might was look at the config briefly and then take a look at the possible answers and then ask myself what is happening what's going to happen so triple a new model i think we're familiar with that one and then as a result of doing triple a new model we have the ability to create method lists so here's how to here's how a method list operates we create a method list and then we can say like on a vty line or a console line hey use this method list for authentication and it does we can also set a default method list which will be used everywhere unless there's a more specific method list that's applied so let's let's take a look at this holistically and see what's going to happen the question was using telnet which is true for the authentication so if they're using telnet that means they're going to come in on one of these lines it also is true that if they're using ssh they would be coming in the user would be coming in on one of these logical vty lines so we don't need to worry too much about line console zero we really need to worry about down here and so there's a password this is a local password for the vty line there's also this method list right here and this method list is called vty in uppercase they are case sensitive by the way so this aaa authentication login vty is a method list and it basically says if this method list is used somewhere which it is right here on this vty line these five vty lines then use the local database which refers to the running config on this device which means that if somebody connected on one of these vty lines whether they're connecting via ssh or they're connecting via telnet it's going to prompt them because this method list is going to prompt them for a username and a password and in this case admin could log in and admin's password would be cisco exclamation mark 2 3. um i won't specify what's going to happen over here on line console 0 because i'll tell you why that's another question it's coming up all right let's continue on also today i will be hanging out in discord if you want to have a chat right after um this live event so if you have any questions on any of these uh these if you have a question on these questions please don't hesitate to bring them over to discord i'll be in the ccna voice channel right after there for any live questions okay who's on top mystery bear all right moving forward question four of seven more than halfway there which are true about this single access list entry if it was applied as part of an access list and thanks umar for the feedback and also nicholas if you want to if you can join us right after in discord in the ccna voice chat and bring that question i can bring all these questions up and share my screen and be happy to go over the details for any one of them wow nicely done 60 answers on the actual correct answer fantastic let's just take a peek and here is our peak uh this acl entry says deny okay i want to deny if it's layer 4 protocol udp also known as protocol 17 in decimal i wanted and here's the source portion right here so if this is designed this is nice traffic if it's udp and it's sourced from host 10 1 0 55 we can imagine a device with that 32-bit ip address exactly if this is all the source information if the source port equals 53. so if we had a user like jim who's making a dns request the sort the destination port would be udp port 53. when the server responds back to that the source port would be udp port 53 and that's what this would be matching so if there was a server at this ip address with that source port of 53 going back to anyone on the 2035 subnet because the wild card mass says we don't care about that last octet that would be denied so if you need to brush up on ip addressing or subnetting i got some comments earlier about subnet saturdays being rocking cool and if you want to learn how to do subnetting and masking and variable links subnet masking and everything else the subnet saturdays is a great great resource and it's free here it's on youtube there's like 11 or 12 videos just go to the keith barker channel look for subnet saturday and you can be a subnet ninja in just a matter of about a week or two if you just take one video every other day or so okay you guys did great i'm super impressed 60 on the right answer way to go all right here we go next question 507 multi-select and the question is this which of the following are true about this single axis list entry good luck everybody and kidding me i was asking are you still doing subnet saturdays there's 11 videos in that playlist called subnet saturdays and uh it covers like everything core with ipv4 subnetting so the basics so it's like 11 videos um if there's anything additional regarding actually it covers everything a person would need to know at the ccna level and ccnp level for that matter so i i don't know if there's anything any additional content regarding subnet saturdays that needs to be made i'm open for feedback though if you want something additional regarding subnet saturdays let me know i'll consider it okay what's true about this access control list entry let's let's talk about that for a moment regarding this access control entry it's a deny we're looking for the layer 4 protocol of udp the source is 10.1.0 which would be a slash 24-bit network and that's because the wildcard bits say we don't care about this last octet and then that's the end of the source part and then the destination would be 10 44 0. well here's our wild card mask says i don't care about that or that so this would be the 10.44 16 network it would match on anything in that range if the destination port over here in the destination side of the equation equals 53 which exactly is a dns request that would be coming from a client so great job on those answers access control lists are important to understand i also want to tell you i also want to share with you with my mic on now i also want to share with you the fact that access control lists are a great way to start learning about you know control but an access control list is really just matching it's just matching on a set of parameters like the layer 4 protocol or the layer 3 ip addressing information and by using an access control list to identify traffic we can then use that access list for lots of purposes so as we get into ccmp and other more advanced topics in ccna we have additional lists we have distribute list and prefix lists and other kinds of lists that we're going to use for identifying traffic and then manipulating that traffic and so starting off with extended access list and standard access list in and cc day is a great place to start and the more you learn here guess what you get to apply it going forward it's fantastic so great job most you've nailed this one perfect all right we're almost done and mystery bears on top with 5238 points congratulations how can you verify if a user is connected via secure shell or as his friends column ssh so all right how do you verify users connected you do a show ssh they'll show your current ssh connections so who that command is very much like the uh show users command fact that's what it is that's what who does and show ipssh will show you if you're enabled for ssh including the flavor like 1.99 or 1.9 or 2.0 1.9 means it's supporting you know multiple flavors of ssh not just ssh version 2. so the correct answer is red great job for those who got it and i think we have one last question and here it is no pressure but this is for the final score could be tied based on this element oh no oh no it's a tough one or is it so oh yeah i hear you everybody if this music was playing during the ccna exam just taking the live exam without this kind of music is going to be a walk in the park all right for console port access which are true regarding the authentication so we get uh a lot of people on blue user will be in privilege mode and uh a good number of people on red let's take a look at why green is not correct all right so aaa new model so the question is for console port access let's focus on that if somebody's connecting via the console meaning they're on the console port this is what is going to be possibly relevant so line console zero if a if somebody connects they are going to be in king kong mode that's what that means provost 15 uh without any other type of authorization or controls in place whoever does connect successfully is going to be level 15 and then there's also a local password configured but it doesn't mean it's required let's talk about why triple a new model aaa authentication login vty is the method list that's uses the local database that's applied down here that doesn't apply to our scenario but what does apply is this bad boy aaa authentication login default that means if i was the router we would say something like this you know what if there's not something more specific in place like this method list here on the v2y lines if there's not anything more specific in place when people try to log in by default i'm going to use one of my configured group of aaa servers this example attack dac server and reach out to that tacx server for the authentication of the user if that user if that techx server is not available i mean i can't reach it it's down or i have a network problem then after a very short time out it will stop over and say okay i'll use the local database and that's what that's what that means and because line console zero doesn't have a more specific method list it would use the tacx and if the tech hack server wasn't reachable it would use the local database so i'm hoping that was part of two of our answers let's find out yup tacx will be attempted if it's reachable and user will be in privilege mode oh yeah yeah i went above and beyond with the other definition but they'll be in privilege mode because of 15. all right so con pass wouldn't be used because of this method list the default method list with aaa already set up all right let's see who won this thing on the podium please with five thousand six hundred and six points third place stellar turtle second place dimpling finch and first place with five thousand eight hundred nine points royal elephant ah nice nice nice congratulations everybody um also i would encourage you these are the um this is the feedback i get from these quizzes by the way like which which were the toughest questions nine percent correct nineteen percent correct and that way it gives me a heads up on what i should work on uh what those things that might be most beneficial for the community and if i can get your feedback that'd be great so that's it for this quiz most i have there's over 100 like 110 videos now regarding ccna content that are in the ccna playlist on the youtube channel so feel free to uh take a look at that if you're studying some topic you might get a deeper dive in it just go grab that topic from the master playlist also if you are going to be taking your ccna exam you think oh am i ready there's a playlist with all these quizzes in it so there's like eight or nine now so if you go through them and you look at the questions and you you know the answers to them and you know why that's a really good indicator you're ready if you see some questions think i have no clue what that is or how it works or why that would be an indication you need to study all right so that's it i appreciate you joining me for this live quiz i have got some more content coming out oh also i've got a new video out that i released about four or five days ago that shows the transformation of this office so if you're interested in what did that look like before it was converted to a recording studio uh how bad was it uh how dusty was it how different does it look now it's all in that video so if you enjoy it if you want to take a look at that that's available for you um i've got some new content coming out as well in fact let me share with you well i'll surprise you i got took some feedback from the community about what else you needed or wanted and there's over like i said over 110 videos that are ccna related in the ccna playlist so i would encourage you to look at that if you need questions answered or learned details about ospf or spanning tree or layer 2 switching or trunking or access control or security layer 2 security included aaa i think most of it is there so enjoy that and that's it i'm going to be jumping into the discord server live for a few minutes right after there's a link in the description below if you want to join i'll be in the ccna voice chat room give me just a few minutes to get a sip of water and i'll be right there live to join you so uh thanks for joining me today and uh good luck in your studies whether it's ccna ccnp or beyond i wish you the best and i know you can do it so be well and we'll catch you next time you

Info

Channel: Keith Barker

Views: 4,763

Rating: undefined out of 5

Keywords: osi model, mac address, transport layer, internet protocol, tcp/ip model, ip address, computer network, keith barker ccna 200-301, keith barker ccna, cisco ccna, ccna 200-301, cisco certifications, practice exam, security, information security, ccna certification, information technology basics, information technology for beginners

Id: brF-WXOd7-0

Channel Id: undefined

Length: 24min 58sec (1498 seconds)

Published: Sun Aug 30 2020