Professional Documents
Culture Documents
2013
SOALAN PRAKTIKAL
Day 1
PERINGKAT AKHIR
NAMA: _______________________________________
1/10
2/10
Overview
1
EXAM
...............................................................................................................................................
3
1.1
CONTENTS ............................................................................................................................... 3
1.2
INTRODUCTION ....................................................................................................................... 3
1.3
1.4
1.5
PART 1 ..................................................................................................................................... 4
PART 2 ..................................................................................................................................... 6
PART 3 ..................................................................................................................................... 7
APPENDIX
........................................................................................................................................
8
2.1
Specifications ........................................................................................................................... 8
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
INSTRUCTIONS
...............................................................................................................................
10
3.1
3.2
3/10
1. EXAM
1.1 CONTENTS
1.2 INTRODUCTION
The
competition
has
a
fixed
start
and
finish
time.
You
must
decide
how
to
best
divide
your
time.
Internet
System Functions:
- Routing
- NAT
er
rv
System Functions:
- Mail Server
- VPN Server
- DHCP
Se
System Functions:
- VMWare Host
Vi
rt
ua
l
TRUNK 802.1Q
Vi
rt
System Functions:
- AD
- DNS
- Terminal Server
ua
l
Se
rv
er
Windows Server
Linux Server
4/10
1.5 PART
1
Working
TasksWindows
Virtual
Server
Note:
Please
use
the
default
configuration
if
you
are
not
given
the
details.
Please
configure
the
server
with
the
settings
specified
in
the
appendix
Install
the
services
o Configure
Active
Directory
Enable
Roaming
Profile
and
store
the
user
profiles
at
\\hostsrv1\profiles\username
Create
for
every
user
(not
administrator
account!)
a
home
folder
stored
at
\\hostsrv1\homes\username
and
ensure
that
that
is
mapped
to
Z:
at
each
logon
automatically
limit
the
storage
space
to
every
home
folder
to
15MB
prevent
any
.cmd
or
.bat
files
to
be
stored
on
the
home
folder
redirect
the
Favorites
and
the
My
Documents
folder
to
the
users
home
folder
Create
Active
Directory
Users
Create
an
OU
that
is
named
user
You
will
find
a
file
called
PKM2013_USERS.csv
with
names,
roles
and
units
of
all
workers
in
your
memory
stick;
use
this
file
as
a
basis
for
automating
the
creation
of
all
user
accounts.
Be
aware
that
all
information,
located
in
the
Excel
file,
regarding
any
user
must
be
present
on
accounts
created.
Create
departments
share
folders
on
\\hostsrv1\workers
and
\\hostsrv1\managersand
map
the
respective
folder
to
Y:
at
logon
depending
on
the
security
group
(Workers;
Managers)
the
user
is
in.
Users
should
not
be
allowed
to
access
other
department
share.
(Info?Look
at
the
provided
Excel-sheet!)
Set
the
passwords
of
all
users
listed
in
the
CSV
file
to
PKM2013.
o DNS
Create
a
reverse
zone
for
the
inside
IP
range
Also
create
a
zone
called
host.com
Register
the
E-Mail
server
in
the
zone
host.com
create
an
A
record
with
rdp.host.com
for
windows
hosts
Make
sure
that
DNS
requests
to
zone
host.com
from
internet
are
answered
with
host
public
IPs
and
those
from
inside
network
with
inside
IPs.
If
you
have
problems
with
this
configuration,
we
are
doing
functionality
check
on
this,
so
you
can
find
your
own
way
to
solve
this!
Install
Terminalservices
Configure
terminal
server
Access
via
Port
3389
and
over
the
web
(use
https)
Make
sure
that
only
users
from
terminal
users
group
can
use
the
terminal
server
Install
Remote
Desktop
Gateway
for
access
from
the
internet,
use
self-
signed
certificates
The
RD
Gateway
should
be
accessible
by
rdp.host.com
from
inside
and
outside
Install
Adobe
Reader
from
Drive
D:
(on
the
VMware
Host)
on
the
Terminal
server
Create
Remote-Apps
for
Adobe
Reader
5/10
6/10
1.6 PART
2
Working
Tasks
Network
Note:
Please
use
the
default
configuration
if
you
are
not
given
the
details.
Connect
the
LAN
cables
and
configure
IP
addresses
based
on
the
appendix
network
diagram
Hostsw1
configuration
o Use
port
1
for
connection
to
the
router
o Use
port
2
for
Linux
server
o Use
port
3
for
Windows
server
o Use
port
4
for
VLAN
client
o Use
port
5
for
VLAN
services
o Join
switch
management
into
VLAN
services
Configure
trunks
on
router(inside),
switch1
Router
configuration:
o Use
Fa0/0
for
internet
and
Fa0/1
for
inside
networks
o Enable
DHCP
relay
for
VLAN
client
o Enable
DHCP
server
on
Fa0/0
Range:
143.25.1.100-143.25.1.254
Apply
appropriate
DHCP
Scope
options
o NAT/PAT
Configure
PAT
for
internal
hosts
Configure
static
NATfor
outside
connections:
Static
NATto
hostsrv1
from
ip-address
143.25.1.2
Static
NAT
to
hostsrv2
from
ip-address
143.25.1.34
o ACL
Restrict
access
to
Linux
Server
from
outside
only
to
the
services:
MAIL
(POP,
SMTP)
HTTP
and
VPN
Restrict
access
to
Windows
Server
from
outside
on
to
the
services:
HTTPS,
RDP
and
DNS
Deny
all
other
traffic
from
outside
to
all
inside
networks
1.7 PART
3
Working
Tasks
Notebook
Note:
Use
the
default
configuration
if
you
are
not
given
the
details.
7/10
8/10
2 APPENDIX
2.1 Specifications
2.1.1
Computer name:
hostsrv1
DNS domain:
int.host.com
User name:
administrator
Administrator password:
PKM2013
IP address:
172.16.1.2
HOST
PKM2013$
On-board NIC
2.1.2
DOMAIN GROUPLIST
Groupname:
TerminalUsers
MailUsers
Workers
Managers
2.1.3
Members:
All
users
with
name
beginning
with
TerminalUsers
All
users
with
name
beginning
with
MailUsers
Terminaluser11-29,
mailuser11-28
Terminaluser1-10,
mailuser1-10
Computer name:
hostsrv2
Root password:
PKM2013
competitor
PKM2013
Domain name:
host.com
IP address:
172.16.1.34
Top NIC
2.1.4
NETWORK SPECIFICATIONS
172.16.1.0/27
172.16.1.32/27
172.16.1.64/26
172.16.1.128/25
Internet
143.25.1.0/24
PKM2013
2.1.5
NOTEBOOK SPECIFICATIONS
Organization:
hostserv
Computer name:
notebook01
Domain:
int.host.com
User name:
competitor
Password:
PKM2013
IP address
dhcp
2.1.6
NETWORK
DIAGRAM
Client
NETWORK
System Functions:
- Terminal Server Access
- VPN Client
Internet
Network Specification:
Name:
notebook1
Connected to VLAN 100 or outside
IP:
dhcp
Subnet: dhcp
Gateway: dhcp
Router
FE0/1
Switch
TRUNK 802.1Q
FE0/0
Network Specification:
Name: hostr1
IP eth0: 143.25.1.1
Subnet: 255.255.255.0
eth1:
IP VLAN 10: 172.16.1.1
IP VLAN 20: 172.16.1.33
IP VLAN 30: 172.16.1.65
IP VLAN 100: 172.16.1.129
Windows Hostmachine
Network Specification:
Name: hostsw1
IP:
172.16.1.66
System Functions:
- VMWare Host
Network Specification:
Name: hostsrv1
IP:
172.16.1.2
Network Specification:
Name: hostsrv2
IP:
172.16.1.34
System Functions:
- AD
- DNS
- Terminal Server
System Functions:
- Mail Server
- DHCP
- VPN Server
9/10
10/10
3 INSTRUCTIONS
3.1 INSTRUCTIONS
TO
THE
COMPETITOR
Do
not
bring
any
materials
with
you
to
the
competition.
Mobile
phones
are
not
to
be
used.
Do
not
disclose
any
competition
material
/
information
to
any
person
during
each
days
competition.
Read
the
whole
competition
script
prior
to
you
starting
work.
Be
aware
different
tasks
attract
a
percentage
of
the
overall
mark.
Plan
your
time
carefully.