Sumit, As for the first question: I can see what you mean. The show run and show start will be the only issue I believe, but they should be able to show anything they have the ability to configure. I can't speak for what Yusuf was trying to do here, but I most likely would have included the show commands just because of how I would interpret the statement. Not that that answer will help much but I didn't write the lab. It could also just me a typo- proctors are people too and can make mistakes.
So for the second question, the rule of thumb is that we only do what we are told. Being able to remove the commands is not required, however if we don't break the rules of the task we can have additional configuration that should not be counted against us. Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com Platinum Solutions Group (PSG) provides high-end consulting services with a primary emphasis on Cisco's Data Center Solutions, Service Provider Solutions, Unified Communications and Security-enabled infrastructures. Be sure to visit www.platinumsolutionsgroup.com. On May 14, 2010, at 9:25 AM, Sumit Mahla wrote: > Any suggestions guys? > > > From: [email protected] > To: [email protected]; [email protected] > Date: Thu, 13 May 2010 19:49:12 +0530 > Subject: [OSL | CCIE_Security] points marking for Yusuf Lab 2 section 5.2 > > Hello all, > > In Section 5.2 of Yusuf Lab 2...... he says that the user must be allowed to > execute any show command.... > > but in the solution of this section he has not configured "privilege exec all > level 5 show" > > > Any suggestions? > > > and one more thing in the same question he says that the user must be able > configure any dynamic routing protocol and any interface specific command... > but in shell command authorization set.... he has evrything configured... but > the "no" command is missing.... so user can only configure the allowed > commands but can not remove these... so what if we configure the no command > as well... do you thing we would loose point? > > > > The latest auto launches and test drives Drag n' drop > The battle for the FIH Hockey World Cup Drag n' drop > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
