Grateful if the expert could advise on it.
11. If there is one DMZ, does the extra default route (item a) need to be configured for the DMZ?
a. route dmz 0.0.0.0 0.0.0.0 18.104.22.168 (for DMZ)
b. route outside 0.0.0.0 0.0.0.0 22.214.171.124 (for outbound traffic to Internet)
12. How do I define the "CHK_attack" object if the command is configured as below?
ip audit interface inside CHK_attack
13. The description from the command reference is obscure; grateful if you could advise on the "LOCAL". What user account is to be authenticated?
aaa authentication enable console LOCAL
14. If the enable password is not configured but the enable secret was configured, what will happen if the command is configured as below?
aaa authentication http console
15. The following is the default policy to be configured, from the Cisco web site. What happens if those commands are removed? What is the difference from the command "ip audit interface outside CHK_attack"?
policy-map type inspect dns preset_dns_map
message-length maximum 512
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras
service-policy global_policy global