General: the ISE internal database with the adminstrator account keeps on going disabled, just re-enable the account Lab 2-2 SNMP browser did not work, set the management interface to accept management traffic (tick box in asdm) Lab 2-4 Command used to restart networking service on attacker PC is /etc/init.d/networking restart Lab 3-1 Step 10 page 131 Login into the DMZ-SRV using root/Ci5coAdmin (not documentated) Lab 4-1 The smtp password in lab 4-1 is cisco Lab 4-2 Issues with dns on the employee pc, add sp-srv.sp.public to 209.165.200.233 to the hosts file to overcome Lab 4-2 Did not get the FTP banner as shown in screen shots due to high security level in inspect maps hidding the banner. Change if you wish. Lab 4-3 The Botnet database takes around 15 minutes or more to populate, add the two site statically from the command line as below hostname(config)# dynamic-filter blacklist hostname(config-llist)# name bad1.example.com LAB 4-4 Dont wait for the ASA to register with the CDA, move on past the AD configuration and go back to check. =========CISCO LABS JULY 2014========== Access the Terminal server the password is "cisco123" from here you can clear the terminal lines and show the terminal lines "show line" Lab 2-4 Task 2 Step 1 The Attack PC does not appear to get its DHCP address when you change the switch port 0/3 to vlan 162 (top r/h corner of device icon). I manually assigned it with no problem and it worked. Remember to put it back to DHCP. An address from subnet 172.16.2.0/24 is required .1 is the ASA address the gateway. Lab 3-2 Test to SP-SRV 209.165.200.233 not 198. . . notes incorrect. =========EMEA LABS Jan 2015============== Remeber to TURN OFF any attackes from the Attacker PC. Leaving the attacks on will cause issues on the switch such as duplicate addresses and lack of connectivity across the switch The attacker-pc keeps on shutting down. this is because the default option on the attacker pc is to shutdown when the delegates carriage return. use F8 on the attacker PC to refresh the screen. LAB 2-3 page L-85 It looks like you cannot access the nics (classroon etc) on the employee pc as you use to. Also it needs admin rights to disable and enable the interface. To refresh the ip address just do a "ipconfig /release" followed by "ipconfig /release"