|
I failed the exam the other day
& a9 @0 F0 I! Y$ e$ ~+ U" H+ G) o: n3 t# N
The fail was down to the config as I was not up to speed on the A3-4 variation and had forgot the flows etc and it was just too difficult in the short time to do it all. I lost a lot of memory also but that is life. ; K, p. ~. o) e1 a5 j9 a i
* ~7 h g: S* ]
Tshoot - Old - Pass( b& L W& b1 D" ^2 b% @
1 - Add vlan 12 between SW 1 and 2
! A t8 x- g3 a6 j2 - ppp missing on R17. removed chap callout, no ppp route acceptance' J% \: m) u& R6 {! q
3 - Cost on R22 & wrong ospf PID on one of the routers4 N$ Q+ Z" l7 j: ]
4 - had to add metric 1 1 1 1 1 1 and remove delay on R13. R13 also had passive facing R11
! V$ j3 |' Z. l9 Z- K5 - everything worked past R2 and no matter what I tried I couldn't get the Probe 2 trace to start at R5's link. Very disappointed I couldn't solve that anyone know this one?
: } _( Z7 J1 w# J7 y; M9 ~3 P6 - Wrong Ipv6 config on R22 aswel as wrong next hop. ; `2 z! v0 Z+ t
7 - SO many! eigrp summary - split horizon, wrong maps on R18 and R19, maybe more but I solved it. YOu need one of the 2 four pointers or you likely will fail TS. ' q. s- w" d% B/ k) V+ A# r! p; b
8 - Just couldn't get my head around this. AS-Path attribute map Was not my strongest ticket going into the exam.
( Y5 Q! x, H( M. i" u9 u/ x, A9 - Cannot remember - I think the issue was on R7 - Maybe missing map dynamic
" X( i! }* z4 G3 C' d( ?- o6 \# J10 - MAC configured under NAS interface - removed and set correct identifier under the dhcp router.
- }! _5 q. [1 |0 I/ \0 Q3 s
1 o$ T2 J- k4 R% y( @9 xDiag - New DHCP and Hacker - Pass) r' R) R- y7 {( @% [% ]6 D; \
# h$ G. q& y9 H' o5 @" A: YProblem device - SW1 relay switch3 b+ M4 e9 @# X* J+ ^. H
IP dhcp relay info trusted was empty+ Y8 |5 g' Y9 }" v, y7 r
filtered by bootp and picked the first packet where you see the mac of the server in the header. Mine was 113
; D5 n- U& a2 @7 ~0 O$ C( Q2 u
$ }. z! Q* H! ^: \* DHacker* q: o% P% d' ~ T/ w6 I& Z" ^
I took an age doing this. Its tricky the way they word it. I went through the full unscrambled script in the packets also7 p6 [4 E$ h+ C$ n, g1 A3 V5 X; e6 D$ d
; \$ k, i& J2 T
What is happening. 7 y0 v0 H/ R2 ^& c& r
tcp connection from router to 10.1.2.1
( X* F" k; |# s9 I3 ddownload of tch script via http
! J9 O# {/ p- L' i) Osession from remote host to 10.1.1.1 over port 1337& T: V# V3 z- X
ransomware installed via the backdoor. ' X& u+ T1 V( p7 R$ }1 b( D) }
5 }- j4 k* f4 wtclsh copy flash via http
% s( A) P0 T, }4 b. J1 b: J% ?" J+ i2 M9 G2 W4 w. G4 E, p, G- s
Which will bring the system down
* x+ w, a9 K1 m# r0 M! gsudo poweroff2 J1 }# c) ?9 Q3 q5 a7 I |/ I
& \% {& @" J" Y0 O
A3-4 - Fail
9 B" j$ U: i' i: R' O4 AVRF version7 H$ e) i6 E( i6 d1 R# y; C0 k
8 ^3 m6 P; u, y* g
Asked for only 3 stp instances so used MST - Layer 1 was simple I passed it all. * H- U2 W( U! S1 ~4 U8 K
4 @* D. s: I% m- DAs I said I don't know much about these vars. Bad bad mistake I am very mad with myself.
* e, N4 U5 \6 O) B& h g' OI got a lot of the basic igp stuff going, all the mpls, DMVPN but because I hadn't fixed a lot of other routing steps (BGP mainly) I got 0 in the respective sections. 0 [/ A+ {* q, _. ~- a' x5 |1 N
" E- O7 s( B- n/ k- f9 j
* O2 N0 R- _0 s, ~; X2 W2 g# iOne note to take away is another candidate got B12 and said every single ticket was different to that on the forums. They got Non vrf A3 and passed config and diag and failed due to all the new faults in B12.
' u8 S. j, c" e/ A/ t: F" ?( }# Y) x; a& s1 v* v) k. N- ]
only god knows what I will get next time. I put all my hopes into getting the A5 variation done and I regret this.
3 }; h) c0 P, ?; Z. b7 K3 d* x- }5 Q0 [6 W% C
Anyway. It was a great experience and I will be back stronger. ) A! F8 q4 n/ |2 [6 j& p
2 p4 S) N# _9 r
Lesson learned.
1 \! A! ?$ B; _5 Y% q! ~8 a |
|