From: Tim (ccie2be@nyc.rr.com)
Date: Wed Aug 09 2006 - 23:35:26 ART
Mike,
That's exactly right.
To see other stuff in the show run output, the other stuff has to also be
set to that privilege level. IOW, to see in the show run output interface
settings, you need to set the interface command to that level or lower and
you need to set all the interface config commands to that level or lower
also.
One way around that (if I recall correctly) is to set show start to 0 or 1.
It's been a while for me so you need to verify that.
HTH, Tim
_____
From: Michael Stout [mailto:michaelgstout@hotmail.com]
Sent: Wednesday, August 09, 2006 9:20 PM
To: ccie2be@nyc.rr.com; ccielab@groupstudy.com
Subject: RE: required security tasks
Thanks:
Just one question on privilege levels:
When i set the sho comamnd and show running command to privilege level 0 i
can never see any output in the sho run command.
Does anybody know the trick to getting the complete output to show up when
you reassign the privilege level?
_____
From: "Tim" <ccie2be@nyc.rr.com>
Reply-To: "Tim" <ccie2be@nyc.rr.com>
To: "'Michael Stout'" <michaelgstout@hotmail.com>, <ccielab@groupstudy.com>
Subject: RE: required security tasks
Date: Wed, 9 Aug 2006 11:25:29 -0400
And, I forgot to mention...
Know how to configure Privilege Levels inside out, backwards and forwards.
This is not trivial or intuitive and once you do know it, it's easy to
forget.
Also, this is applicable to the lab as a whole, not just the security
portion...
Know each of the different ways to accomplish any configuration task.
For example, if there are 3 ways to do something, Cisco will definitely NOT
allow the 2 ways you already know.
For example, let's say you're not allowed to use an ACL to block traffic.
Do you know how to use class-map and policy-map to accomplish the same
things?
Maybe you can prevent traffic from going to a subnet by not advertising that
subnet. Think creatively about how each task can be accomplished.
Also, read every page of the Security Config guide.
Make sure you know...
TCP Intercept
uRFP
and everything else in there.
Study and practice using each command and command option.
Make sure you know how to use each command option because some of them are
not at all intuitive (at least for me).
I know that following my recommendations is not easy but then, neither is
the lab.
HTH, Tim
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Michael Stout
Sent: Wednesday, August 02, 2006 3:16 PM
To: ccielab@groupstudy.com
Subject: required security tasks
Hello:
Im trying to tighten up my routing and switching security studies.
Can anybody provide feedback on whether the following topics are likely
to be covered in the routing and switching lab?
CBAC
Reflexive ACL
IP-Inspect.
Thank You
Mike
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:56 ART