




版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
1、1 A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 3 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)Router1(config)# access-list 10 perm
2、it 3 Router1(config)# access-list 10 permit 3 * Router1(config)# access-list 10 permit 3 55Router1(config)# access-list 10 permit 3 55Router1(config)# access-list 10 permit host 3*2Refer to the exhibi
3、t. A router has an existing ACL that permits all traffic from the network. The administrator attempts to add a new ACE to the ACL that denies packets from host and receives the error message that is shown in the exhibit. What action can the administrator take to block packets f
4、rom host while still permitting all other traffic from the network?Manually add the new deny ACE with a sequence number of 5.* Manually add the new deny ACE with a sequence number of 15.Add a deny any any ACE to access-list 1.Create a second access list denying the host and app
5、ly it to the same interface.3Launch PT Hide and Save PTOpen the PT Activity. Perform the tasks in the activity instructions and then answer the question.Why is the ACL not working?The ACL is missing a deny ip any any ACE.The ACL is applied in the wrong direction.The access-list 1
6、05 command or commands are incorrect.The ACL is applied to the wrong interface.* No ACL is needed for this scenario.4 Which statement describes a characteristic of standard IPv4 ACLs?They are configured in the interface configuration mode.They can be created with a number but not with a name.They fi
7、lter traffic based on source IP addresses only.* They can be configured to filter traffic based on both source IP addresses and source ports.5Refer to the exhibit. The network administrator that has the IP address of 3/25 needs to have access to the corporate FTP server (/28). The
8、FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)access-list 105 permit ip
9、host 3 host access-list 105 permit tcp any host eq wwwaccess-list 105 permit ip any anyR1(config)# interface s0/0/0R1(config-if)# ip access-group 105 outR1(config)# interface gi0/0R1(config-if)# ip access-group 105 out *access-list 105 permit tcp host 3 host 10.0
10、.54.5 eq 20access-list 105 permit tcp host 3 host eq 21access-list 105 permit tcp 55 host eq wwwaccess-list 105 deny ip any host access-list 105 permit ip any any *access-list 105 permit tcp host any eq wwwaccess-list 105 permit tcp
11、 host 3 host eq 20access-list 105 permit tcp host 3 host eq 21R2(config)# interface gi0/0R2(config-if)# ip access-group 105 in6 What are two possible uses of access control lists in an enterprise network? (Choose two.)limiting debug outputs* reducing the process
12、ing load on routerscontrolling the physical status of router interfacescontrolling virtual terminal access to routers* allowing Layer 2 traffic to be filtered by a router7 An administrator has configured an access list on R1 to allow SSH administrative access from host 00. Which command co
13、rrectly applies the ACL?R1(config-line)# access-class 1 outR1(config-line)# access-class 1 in* R1(config-if)# ip access-group 1 outR1(config-if)# ip access-group 1 in8 Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)Place extended ACLs cl
14、ose to the source IP address of the traffic.* For every inbound ACL placed on an interface, there should be a matching outbound ACL.Place extended ACLs close to the destination IP address of the traffic.Place standard ACLs close to the destination IP address of the traffic.* Filter unwanted traffic
15、before it travels onto a low-bandwidth link.* Place standard ACLs close to the source IP address of the traffic.9 Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)deny icmp any anydeny ipv6 any any* permit icmp any any nd-ns* permit ipv6 a
16、ny anydeny ip any anypermit icmp any any nd-na*10 Which two characteristics are shared by both standard and extended ACLs? (Choose two.)Both filter packets for a specific destination host IP address.Both can be created by using either a descriptive name or number.* Both include an implicit deny as a
17、 final ACE.* Both can permit or deny specific services by port number.Both kinds of ACLs can filter based on protocol type.11Place the options in the following order:the first valid host address in a subnet subnetwork address of a subnet with 14 valid host addresses all IP address bits must match ex
18、actly hosts in a subnet with the subnet mask addresses with a subnet mask of 48 not scored -12 Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server:R1(config)# access-list 105 permit udp host
19、3 host range 1024 5000R1(config)# access-list 105 deny ip any anyR1(config)# interface gi0/0R1(config-if)# ip access-group 105 outWhich method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?R1(config)# interface gi0/0R1(config-i
20、f)# no ip access-group 105 outR1(config)# access-list 105 permit tcp any host eq 20R1(config)# access-list 105 permit tcp any host eq 21R1(config)# interface gi0/0R1(config-if)# ip access-group 105 outR1(config)# access-list 105 permit tcp any host eq 20R1(config)# acce
21、ss-list 105 permit tcp any host eq 21R1(config)# access-list 105 permit udp host 3 host range 1024 5000R1(config)# access-list 105 permit tcp any host eq 20R1(config)# access-list 105 permit tcp any host eq 21R1(config)# access-list 105 deny ip any an
22、yR1(config)# interface gi0/0R1(config-if)# no ip access-group 105 outR1(config)# no access-list 105R1(config)# access-list 105 permit udp host 3 host range 1024 5000R1(config)# access-list 105 permit tcp any host eq 20R1(config)# access-list 105 permit tcp any host 10.0.
23、54.5 eq 21R1(config)# access-list 105 deny ip any anyR1(config)# interface gi0/0R1(config-if)# ip access-group 105 out *13 What two functions describe uses of an access control list? (Choose two.)ACLs provide a basic level of security for network access.* ACLs can control which areas a host can acce
24、ss on a network.* Standard ACLs can restrict access to specific applications and ports.ACLs can permit or deny traffic based upon the MAC address originating on the router.ACLs assist the router in determining the best path to a destination.14 Which feature is unique to IPv6 ACLs when compared to th
25、ose of IPv4 ACLs?an implicit permit of neighbor discovery packets* an implicit deny any any ACEthe use of named ACL entriesthe use of wildcard masks15 Which three statements describe ACL processing of packets? (Choose three.)Each packet is compared to the conditions of every ACE in the ACL before a
26、forwarding decision is made.A packet that has been denied by one ACE can be permitted by a subsequent ACE.Each statement is checked only until a match is detected or until the end of the ACE list.* An implicit deny any rejects any packet that does not match any ACE.* A packet that does not match the
27、 conditions of any ACE will be forwarded by default.A packet can either be rejected or forwarded as directed by the ACE that is matched.*16 Which statement describes a difference between the operation of inbound and outbound ACLs?On a network interface, more than one inbound ACL can be configured bu
28、t only one outbound ACL can be configured.In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple criteria.Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.* Inbound ACLs can be used in both routers and switches but outbound ACLs can be used only on routers.17 What is the only type of ACL available for IPv6?named standardnumbered extendednamed extended* numbered standard18 Which IPv6 ACL command entry will permit traffic from any
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 校方责任赔付协议书
- 土地信息咨询协议书
- 入室抢劫调解协议书
- 居室房屋出售协议书
- 暖气安装人工协议书
- 离婚之后变更协议书
- 闲置公司收购协议书
- 政府石料处置协议书
- 摊点卫生管理协议书
- 快速处理保险协议书
- 2025-2030全球及中国军事无线电系统行业市场现状供需分析及市场深度研究发展前景及规划可行性分析研究报告
- 配电工程施工方案
- 2025年中国光纤放大器行业竞争格局及市场发展潜力预测报告
- 护理礼仪中的称呼礼仪
- 2025年浙江纺织服装职业技术学院单招职业适应性测试题库新版
- 2024年河北省普通高中学业水平选择性考试物理试题含答案
- Unit 4 Healthy food(说课稿)-2024-2025学年人教PEP版(2024)英语三年级下册
- 2025年全国叉车证理论考试题库(含答案)
- 99S203 消防水泵接合器安装图集
- DB13T 5461-2021 连翘种子种苗质量标准
- Q∕SY 04797-2020 燃油加油机应用规范
评论
0/150
提交评论