module 5-2 (1130923)
Текст из файла
http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itTake Assessment - EWAN Chapter 5 - CCNA Exploration: Accessing the WAN(Version 4.0)Time Remaining:101:59:46By default, how is IP traffic filtered in a Cisco router?blocked in and out of all interfacesblocked on all inbound interfaces, but permitted on all outbound interfacespermitted in and out of all interfacesblocked on all outbound interfaces, but permitted on all inbound interfaces2Which three statements describe ACL processing of packets? (Choose three.)An implicit deny any rejects any packet that does not match any ACL statement.A packet can either be rejected or forwarded as directed by the statement that is matched.A packet that has been denied by one statement can be permitted by a subsequent statement.A packet that does not match the conditions of any ACL statements will be forwarded by default.Each statement is checked only until a match is detected or until the end of the ACL statement list.Each packet is compared to the conditions of every statement in the ACL before a forwarding decision is made.3Interface s0/0/0 already has an IP ACL applied inbound.
What happens when the network administrator attempts to apply asecond inbound IP ACL?The second ACL is applied to the interface, replacing the first.Both ACLs are applied to the interface.The network administrator receives an error.Only the first ACL remains applied to the interface.4The following commands were entered on a router:Router(config)# access-list 2 deny 172.16.5.24Router(config)# access-list 2 permit anyThe ACL is correctly applied to an interface. What can be concluded about this set of commands?The access list statements are misconfigured.All nodes on the 172.16.0.0 network will be denied access to other networks.The default wildcard mask 0.0.0.0 is assumed.http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itNo traffic will be allowed to access any nodes or services on the 172.16.0.0 network.5Which two statements are correct about extended ACLs? (Choose two)Extended ACLs use a number range from 1-99.Extended ACLs end with an implicit permit statement.Extended ACLs evaluate the source and destination addresses.Port numbers can be used to add greater definition to an ACL.Multiple ACLs can be placed on the same interface as long as they are in the same direction.6Refer to the exhibit.
How can a comment be added to the beginning of this ACL to identify its purpose?Use the remark command to add a remark to the beginning of the ACL.Use the description command to add a description to the beginning of the ACL.Recreate the ACL and use the remark command to add a remark to the beginning of the ACL.Recreate the ACL and use the description command to add a description to the beginning of the ACL.7If all the statements in an ACL are unmatched, what happens to the packet?The packets will be placed in a buffer and forwarded when the ACL is removed.The packets will be sent to the source with an error notification message.The implicit permit any statement placed at the end of the list will allow the packets to flow through uninhibited.The implicit deny any statement placed at the end of the list will cause the packets to be dropped.8http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itRefer to the exhibit.
Which three conclusions can be derived from the output that is shown? (Choose three.)All traffic, except for three host addresses, will be denied coming into interface S0/0/0.No traffic is permitted out interface S0/0/0.Telnet and FTP traffic from 192.168.10.5 to any host is permitted in from interface S0/0/0.Telnet and FTP traffic have been received at R1 from 192.168.10.5.Permitted traffic from 192.168.10.5 came through an interface other than S0/0/0.Access list SALES has not yet permitted any traffic.9Which three parameters can ACLs use to filter traffic? (Choose three.)packet sizeprotocol suitesource addressdestination addresssource router interfacedestination router interface10Which two statements are true regarding the significance of the access control list wildcard mask 0.0.0.7? (Choose two.)The first 29 bits of a given IP address will be ignored.The last 3 bits of a given IP address will be ignored.The first 32 bits of a given IP address will be checked.http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itThe first 29 bits of a given IP address will be checked.The last 3 bits of a given IP address will be checked.11Which three items must be configured before a dynamic ACL can become active on a router? (Choose three.)extended ACLreflexive ACLconsole loggingauthenticationTelnet connectivityuser account with a privilege level of 1512Refer to the exhibit.
When creating an extended ACL to deny traffic from the 192.168.30.0 network destined for theWeb server 209.165.201.30, where is the best location for applying the ACL?R3 Fa0/0 inboundR3 S0/0/1 outboundR2 S0/0/1 inboundISP Fa0/0 outbound13Which three statements are true regarding named ACLs? (Choose three.)http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itNames can be used to help identify the function of the ACL.Named ACLs offer more specific filtering options than numbered ACLs.Named ACLs can be modified without re-entering the entire ACL.More than one named IP ACL can be configured in each direction on a router interface.Certain complex ACLs, such as reflexive ACLs, must be defined with named ACLs.Only named ACLs allow comments.14How do Cisco standard ACLs filter traffic?by destination UDP portby protocol typeby source IP addressby source UDP portby destination IP address15Refer to the exhibit.
How does this access list process a packet with the source address 10.1.1.1 and a destinationof 192.168.10.13?It is allowed because line 20 of the ACL allows packets to the host 192.168.10.13.It is allowed because line 10 of the ACL allows packets to 192.168.0.0/16.It is allowed because it does not match any of the items in the ACL.It is dropped.16A network administrator needs to allow traffic through the firewall router for sessions originating from within the company neblock traffic for sessions that originate outside the netowrk of the company. What type of ACL is most appropriate?dynamicreflexivetime-basedport-based17http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_itRefer to the exhibit.
How will Router1 treat traffic matching the time-range requirement of EVERYOTHERDAY?TCP traffic entering fa0/0 from 172.16.1.254/24 destined to the 10.1.1.0/24 network is permitted.TCP traffic entering fa0/0 from 10.1.1.254/24 destined to the 172.16.1.0/24 network is permitted.Telnet traffic entering fa0/0 from 172.16.1.254/24 destined to the 10.1.1.0/24 network is permitted.Telnet traffic entering fa0/0 from 10.1.1.254/24 destined to the 172.16.1.0/24 network is permitted.18Refer to the exhibit.
What is the most likely explanation for the 35 matches on the "deny ip 64.100.0.0 0.0.7.255 any" statemeACL 101?A user on the internal network has spoofed a host from the Internet and is sending traffic to that host, which is respondinA user on the Internet has spoofed a host address from the internal network and is trying to send packets toward the intenetwork.An Internet host is looping traffic from the internal network.A host on the internal network is looping traffic from the Internet.http://ccna-4.blogspot.comhttp://360.yahoo.com/quocvuong_it19Which two statements are true regarding the following extended ACL? (Choose two.)access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21access-list 101 permit ip any anyFTP traffic originating from network 172.16.3.0/24 is denied.All traffic is implicitly denied.FTP traffic destined for the 172.16.3.0/24 network is denied.Telnet traffic originating on network 172.16.3.0/24 is denied.Web traffic originating from 172.16.3.0 is permitted.20 Where should a standard access control list be placed?close to the sourceclose to the destinationon an Ethernet porton a serial port.
Характеристики
Тип файла PDF
PDF-формат наиболее широко используется для просмотра любого типа файлов на любом устройстве. В него можно сохранить документ, таблицы, презентацию, текст, чертежи, вычисления, графики и всё остальное, что можно показать на экране любого устройства. Именно его лучше всего использовать для печати.
Например, если Вам нужно распечатать чертёж из автокада, Вы сохраните чертёж на флешку, но будет ли автокад в пункте печати? А если будет, то нужная версия с нужными библиотеками? Именно для этого и нужен формат PDF - в нём точно будет показано верно вне зависимости от того, в какой программе создали PDF-файл и есть ли нужная программа для его просмотра.
![](https://s.studizba.com/z.php?f=/templates/si/i/noavatar.png&w=100&h=100&t=1"){kind=avatar}
