LAB
Cisco 642-533: Practice Exam
Explanation:
1. Choose Configuraton->Policies->Event Action Rules->rulesO->Event Action Overrides
2. Check Use Event Action Override box
“Pass Any Exam. Any Time.” – www. 27
Cisco 642-533: Practice Exam
3. Choose Target Value Rating
4. Delete whatever is there – since you cannot edit, only add and delete
5. Add: there choose Mission Critical, range of IP addresses 172.16.1.3-172.16.1.4
6. Click OK, then Apply
7. Go to Event Action tab
8. Delete whatever is there (Deny Packet Inline for RR >=90)
9. Add Deny Packet Inline for the range of 80 to 100 (Minimum and Maximum fields). Enabled and Active should be true.
10. OK and Apply
11. Now go to rules0-> Event Action Filters and Add new one
12. Enter filter name – for example, PermitMS
13. Change Attacker Address field to 10.0.1.12
14. Change attacked destionation adresses to 172.16.1.3-172.16.1.4
15. Choose Deny Packet Inline from the actions to substract
16. OK and Apply
A.
B.
C.
D.