policy for the company allows all IP traffic from the Engineering LAN to the Internet while only web traffic from the ar!eting LAN is allowe" to the Internet. #hich A$L can be applie" in the outboun" "irection of %erial &'( on the ar!eting router to implement the new security policy) Correct Response Your Response access-list 197 permit ip 192.0.2.0 0.0.0.255 any access-list 197 permit ip 198.18.112.0 0.0.0.255 any eq www access-list 165 permit ip 192.0.2.0 0.0.0.255 any access-list 165 permit tcp 198.18.112.0 0.0.0.255 any eq www access-list 165 permit ip any any access-list 137 permit ip 192.0.2.0 0.0.0.255 any access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www access-list 89 permit 192.0.2.0 0.0.0.255 any access-list 89 permit tcp 198.18.112.0 0.0.0.255 any eq www * Refer to the exhibit. +osts from (,2.(-.(2*.& are not allowe" access to (-2.&.2.& but shoul" be able to access the Internet. #hich set of comman"s will create a stan"ar" A$L that will apply to traffic outboun" on the %hannon router interface .a&'& implementing this security) Correct Response Your Response access-list 12 !eny ip 172.19.123.0 0.0.0.255 192.0.2.0 0.0.0.255 access-list 12 permit ip any any access-list 56 !eny 172.19.123.0 0.0.0.255 access-list 56 permit any access-list 61 !eny 172.19.123.0 0.0.0.0 access-list 61 permit any access-list 87 !eny 192.0.2.0 0.0.0.255 access-list 87 permit any / Refer to the exhibit. An a"ministrator notes a significant increase in the amount of traffic that is entering the networ! from the I%P. The a"ministrator clears the counters. After a few minutes0 the a"ministrator again chec!s the access1list table. #hat can be conclu"e" from the output that is shown) Correct Response Your Response A small amount of +TTP traffic is an in"ication that the web ser2er was not configure" correctly. A larger amount of P3P* traffic0 compare" with %TP traffic0 in"icates that there are more P3P* e1 mail clients than %TP clients in the enterprise. A large amount of I$P traffic is being "enie" at the interface0 which can be an in"ication of a 4o% attac!. A larger amount of e1mail traffic0 compare" with web traffic0 is an in"ication that attac!ers mainly targete" the e1mail ser2er. A networ! a"ministrator enters the following comman"s on router RT5. RT56config78 access-list !eny 192.168.20.16 0.0.0.15 RT56config78 access-list permit any RT56config78 inter"ace serial 0#0#0 RT56config1if78 ip access-$roup in #hich a""resses are bloc!e" from entering RT5) Correct Response Your Response (-2.(9:.2&.(, to (-2.(9:.2&.*( (-2.(9:.2&.(9 to (-2.(9:.2&.*( (-2.(9:.2&.(9 to (-2.(9:.2&.*2 (-2.(9:.2&.(, to (-2.(9:.2&.*2 (2 A$L logging generates what type of syslog message) Correct Response Your Response unstable networ! warning informational critical situation (* Refer to the exhibit. $ompany policy for the networ! that is shown in"icates the following gui"elines; (7 All hosts on the (-2.(9:.*.&'2/ networ!0 except host (-2.(9:.*.,,0 shoul" be able to reach the (-2.(9:.2.&'2/ networ!. 27 All hosts on the (-2.(9:.*.&'2/ networ! shoul" be able to reach the (-2.(9:.(.&'2/ networ!. *7 All other traffic originating from the (-2.(9:.*.& networ! shoul" be "enie". #hich set of A$L statements meets the state" re<uirements when they are applie" to the .a&'& interface of router R2 in the inboun" "irection) Correct Response Your Response access1list (&( "eny ip any any access1list (&( "eny ip (-2.(9:.*.,, &.&.&.& (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.(.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.2.& &.&.&.2== access1list (&( "eny ip (-2.(9:.*.,, &.&.&.& (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.(.& &.&.&.2== access1list (&( "eny ip (-2.(9:.*.,, &.&.&.& (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.(.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.2.& &.&.&.2== access1list (&( "eny ip (-2.(9:.*.,, &.&.&.& (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.(.& &.&.&.2== access1list (&( permit ip any any access1list (&( "eny ip (-2.(9:.*.,, &.&.&.& (-2.(9:.2.& &.&.&.2== access1list (&( permit ip (-2.(9:.*.& &.&.&.2== (-2.(9:.&.& &.&.2==.2== (/ #hich A$L statement permits host (&.22&.(=:.(& access to the web ser2er (-2.(9:.*.22/) Correct Response Your Response access1list (&( permit tcp host (&.22&.(=:.(& e< :& host (-2.(9:.*.22/ access1list (&( permit tcp (&.22&.(=:.(& &.&.&.& host (-2.(9:.*.22/ &.&.&.& e< :& access1list (&( permit host (&.22&.(=:.(& &.&.&.& host (-2.(9:.*.22/ &.&.&.& e< :& access1list (&( permit tcp (&.22&.(=:.(& &.&.&.& host (-2.(9:.*.22/ e< :& (= #hich two statements are true about stan"ar" an" exten"e" A$Ls) 6$hoose two.7 Correct Response Your Response Exten"e" A$Ls filter only on source a""resses an" must be place" near the "estination a""ress. %tan"ar" A$Ls are usually place" so that all pac!ets go through the networ! an" are filtere" at the "estination. %tan"ar" A$Ls are use" when filtering complex re<uirements0 such as specific protocols. Exten"e" A$Ls filter with many possible factors0 an" are place" near the source a""ress to re"uce traffic across the networ!. Properly "esigne" A$Ls ha2e a negati2e impact on networ! a2ailability an" performance. (- A$Ls are use" primarily to filter traffic. #hat are two a""itional uses of A$Ls) 6$hoose two.7 Correct Response Your Response specifying source a""resses for authentication specifying internal hosts for NAT i"entifying traffic for >o% reorgani?ing traffic into @LANs filtering @TP pac!ets 2& Refer to the exhibit. A networ! a"ministrator nee"s to configure an access list that will allow the management host with an IP a""ress of (-2.(9:.(&.2='2/ to be the only host to remotely access an" configure router RTA. All 2ty an" enable passwor"s are configure" on the router. #hich group of comman"s will accomplish this tas!) Correct Response Your Response Router6config78 access-list 101 permit tcp any 192.168.10.25 0.0.0.0 eq telnet Router6config78 access-list 101 !eny ip any any Router6config78 int s0#0 Router6config1if78 ip access-$roup 101 in Router6config1if78 int "a0#0 Router6config1if78ip access-$roup 101 in Router6config78 access-list 10 permit 192.168.10.25 eq telnet Router6config78 access-list 10 !eny any Router6config78 line %ty 0 Router6config1line78access-$roup 10 in Router6config78 access-list 86 permit &ost 192.168.10.25 Router6config78 line %ty 0 Router6config1line78 access-class 86 in Router6config78 access-list 125 permit tcp 192.168.10.25 any eq telnet Router6config78 access-list 125 !eny ip any any Router6config78 int s0#0 Router6config1if78 ip access-$roup 125 in 2( #hat are two possible uses of access control lists in an enterprise networ!) 6$hoose two.7 Correct Response Your Response limiting "ebug outputs re"ucing the processing loa" on routers allowing Layer 2 traffic to be filtere" by a router controlling 2irtual terminal access to routers controlling the physical status of router interfaces
La causa más probable es que el host 1 y el host 2 se encuentran en redes diferentes (opción b). Para que dos hosts en una LAN puedan comunicarse, deben estar en la misma subred