Overview

Introduction

The Implement the Cisco Adaptive Security Appliance module provides you with the instructions and Cisco hardware to develop your hands-on skills in the following topics:

  • Configuring core ASA features
  • Configuring NAT
  • Configuring a security policy
  • Modular Policy Framework

Exam Objectives

The following exam objectives are covered in this lab:

  • CS0-001 1.3: Given a network-based threat, implement or recommend the appropriate response and countermeasure.
  • CS0-001 2.1: Given a scenario, implement an information security vulnerability management process.
  • CS0-001 4.1: Explain the relationship between frameworks, common policies, controls, and procedures.
  • CS0-001 4.2: Given a scenario, use data to recommend remediation of security issues related to identity and access management.
  • CS0-001 4.3: Given a scenario, review security architecture and make recommendations to implement compensating controls.
  • CS0-001 4.5: Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.

Exercise 1 - Configuring Core ASA Features

In this module you will configure a Cisco ASA firewall, enabling Internet access for the internal users and DMZ web access for external Internet-based users to be able to access your corporate web server.

In this exercise, you will build the base configuration of the Cisco ASA firewall, LDNFWASA01 so that you can remotely connect and use the Cisco ASA Device Manager (ASDM) to make further configuration changes to the firewall.

Exercise 2 - Configuring NAT

In this exercise, you will configure NAT so that you can browse to PLABEXTCLI from PLABMGMT. This will take place using a valid routable Internet address for the PLABMGMT device and not its own private address. You will also configure a translation such that the PLABDMZWEB server will have a valid external IP address.

Exercise 3 - Configuring a Security Policy

In this exercise, you will configure a policy to allow Internet based devices to browse into your webserver PLABDMZWEB.

This will complete the basic configuration of the Cisco ASA firewall.

Exercise 4 - Modular Policy Framework

In this exercise, you will create a default modular policy framework (MPF) that the ASA will use to inspect traffic.

Ensure you are still connected to PLABMGMT and you are logged into the ASDM software.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.