Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
An extended access list needs to be applied to a TestKing router. What three pieces
of information can be used in an extended access list to filter traffic? (Choose three)
QUESTION NO: 2
The TestKing administrator is implementing access control lists in the TestKing
network. What are two reasons that the TestKing network administrator would use
access lists? (Choose two.)
QUESTION NO: 3
Router TK1 is configured with an inbound ACL. When are packets processed in
this inbound access list?
QUESTION NO: 4
Many TestKing routers are configured using access lists. Which of the following are
benefits provided with access control lists (ACLs)? (Select all that apply)
QUESTION NO: 5
Router TK1 is configured using a named ACL. Which of the following answer
choices are correct characteristics of named access list? (Select all that apply)
QUESTION NO: 6
A standard IP access list is applied to an Ethernet interface of router TK1. What
does this standard access list filter on?
QUESTION NO: 7
What are two reasons that the TestKing network administrator would use access
lists on a router? (Choose two.)
QUESTION NO: 8
Which of the following are characteristics of named access lists? (Choose three)
QUESTION NO: 9
What are the general recommendations regarding the placement of access control
lists? (Choose two)
QUESTION NO: 1
Part of the TestKing network is shown in the following topology exhibit:
In this network, an access list has been designed to prevent HTTP traffic from the
accounting department from reaching the TestKingI server attached to the
TestKing2 router. Which of the following access lists will accomplish this task when
grouped with the e0 interface on the TestKing router?
A. permit ip any any
deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
B. deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
permit ip any any
C. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
permit ip any any
D. permit ip any nay
deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
E. None of the above
QUESTION NO: 2
For security reasons, the TestKing network administrator needs to prevent pings
into the corporate networks from hosts outside the internetwork. Using access
control lists, which protocol should be blocked?
A. IP
B. UDP
C. TCP
D. ICMP
E. None of the above
QUESTION NO: 3
You work as a network technician at TestKing. TestKing is concerned about
unauthorized access to the TestKingE server. The TestKing1, TestKing4, TestKing6
and TestKing7 PCs should be the only computers with access to the TestKingE
server. What two technologies should be implemented to help prevent unauthorized
access to this server? (Choose two)
QUESTION NO: 9
Which IP address and wildcard mask would you use in your ACL to block all the
hosts in the subnet 192.168.16.43/28?
A. 192.168.16.32 0.0.0.16
B. 192.168.16.43 0.0.0.212
C. 192.168.16.0 0.0.0.15
D. 192.168.16.32 0.0.0.15
E. 192.168.16.0 0.0.0.31
F. 192.168.16.16 0.0.0.31
QUESTION NO: 4
The Testking worldwide WAN is shown in the exhibit below:
On the Hong Kong router an access list is needed that will accomplish the following:
1. Allow a Telnet connection to the HR Server through the Internet
2. Allow internet HTTP traffic to access the webserver
3. Block any other traffic from the internet to everything else
Which of the following access list statements are capable of accomplishing these
three goals? (Select all that apply)
QUESTION NO: 5
The Testking WAN is displayed below:
An access list needs to be implemented that will block users from the Graphics
Department from telnetting to the HR server; and this list is to be implemented on
the Ethernet 0 interface of the Westfield router for the inbound direction. All other
office communications should be allowed. Which of the following answer choices
would accomplish this?
QUESTION NO: 8
Which of the following access list statements would deny traffic from a specific
host?
Which IP address and wildcard mask would you use in your ACL to block all the
hosts in the subnet 192.168.16.43/28?
A. 192.168.16.32 0.0.0.16
B. 192.168.16.43 0.0.0.212
C. 192.168.16.0 0.0.0.15
D. 192.168.16.32 0.0.0.15
E. 192.168.16.0 0.0.0.31
F. 192.168.16.16 0.0.0.31
QUESTION NO: 11
The TestKing network is subnetted using 29 bits for the subnet mask. Which wild
card mask should be used to configure an extended access list to permit or deny
access to an entire subnetwork?
A. 255.255.255.224
B. 255.255.255.248
C. 0.0.0.224
D. 0.0.0.8
E. 0.0.0.7
F. 0.0.0.3
G. None of the above
QUESTION NO: 14
Which wild card mask will enable a network administrator to permit access to the
Internet for only hosts that are assigned an address in the range 192.168.8.0 through
192.168.15.255?
A. 0.0.0.0
B. 0.0.0.255
C. 0.0.255.255
D. 0.0.7.255
E. 0.0.3.255
F. None of the above
QUESTION NO: 17
You are securing a network for TestKing and want to apply an ACL (access control
list) to an interface of a router. Which one of the following commands would you
use?
The following access list below was applied outbound on the E0 interface connected
to the 192.169.1.8/29 LAN:
QUESTION NO: 22
A network administrator wants to add a line to an access list that will block only
Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5.
What command should be issued to accomplish this task?
QUESTION NO: 23
You are the network administrator at TestKing. You apply the following access list
on the E0 outbound interface connected to the 192.168.1.8/29 LAN:
You want to configure an ACL to block only TCP traffic using port 5190 on router
TK1. Which access list statement will block all traffic on this router with a
destination TCP port number of 5190 while not affecting other traffic?