WAN Q7

Card Set Information

Author:
kirin
ID:
167267
Filename:
WAN Q7
Updated:
2012-08-24 12:50:53
Tags:
WAN Quiz
Folders:

Description:
Wide Area Network Quiz 7 - Access Control List (ACL)
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user kirin on FreezingBlue Flashcards. What would you like to do?


  1. access-list 199 deny tcp 178.15.0.0 0.0.255.255 any eq 23
    access-list 199 permit ip any any

    Assuming this ACL is correctly applied to a router interface, which two statements describe traffic on the network? (Choose two.)

    a) Telnet and FTP will be permitted from all hosts on network 178.15.0.0 to any destination.
    b) Telnet will not be permitted from any hosts on network 178.15.0.0 to any destination.
    c) All FTP traffic from network 178.15.0.0 will be permitted.
    d) Telnet will not be permitted to any hosts on network 178.15.0.0 from any destination.
    e) All Telnet traffic destined for network 178.15.0.0 will be denied.
    • b) Telnet will not be permitted from any hosts on network 178.15.0.0 to any destination.     
    • c) All FTP traffic from network 178.15.0.0 will be permitted.
  2. The figure shows an ACL that already exists on the router. The network administrator entered the following command in the global configuration mode on the router.
      
     access-list 101 deny tcp any 192.168.1.0 0.0.0.255 eq ftp

    What effect does this have?



    A) It insert the line as the last statement in the ACL.
    B) It delete the entire ACL and replace it with the new line only.
    C) It insert the line as the first statement in the ACL.
    D) It has no effect on the ACL.
    A) It insert the line as the last statement in the ACL.
    (this multiple choice question has been scrambled)
  3. An administrator wants to implement authentication for access to a host for specific users who are connecting from outside the company network. What type of ACL would best suit the situation?

    A) extended
    B) reflexive
    C) dynamic
    D) time-based
    C) dynamic
    (this multiple choice question has been scrambled)
  4. Categorize the following descriptions with the appropriate ACL type.

    Descriptions:
    only checks source address
    access list numbers 100-199
    check protocol and port numbers
    only permits/denies entire protocols based on network address
    access list numbers 1-99
    checks source and destination address

    ACL Type:
    Standard IP ACL
    Extended IP ACL
    • only checks source address =>  Standard IP ACL
    • access list numbers 100-199 => Extended IP ACL
    • check protocol and port numbers => Extended IP ACL
    • only permits/denies entire protocols based on network address => Standard IP ACL
    • access list numbers 1-99 => Standard IP ACL
    • checks source and destination address => Extended IP ACL
  5. Match the following commands used with ACL to their descriptions:

    Commands:
    any
    ip access-group
    access-class
    host

    Descriptions:
    substitute for the 0.0.0.0 wildcard mask
    apply a particular ACL on VTY lines
    substitute for the 255.255.255.255 wildcard mask
    apply a particular ACL on the interface
    • any => substitute for the 255.255.255.255 wildcard mask
    • ip access-group => apply a particular ACL on the interface
    • access-class => apply a particular ACL on VTY lines
    • host => substitute for the 0.0.0.0 wildcard mask
  6. Match the protocol to the well-known port number.

    Protocols:
    FTP
    Telnet
    SMTP
    HTTP    
    DNS
    TFTP

    Ports:
    UDP port 69
    TCP port 21
    TCP port 23
    TCP/UDP port 53
    TCP port 80
    TCP port 25
    • FTP => TCP port 21  
    • Telnet => TCP port 23  
    • SMTP => TCP port 25  
    • HTTP => TCP port 80  
    • DNS => TCP/UDP port 53  
    • TFTP => UDP port 69
  7. What kind of access-list is created with the command ip access-list standard fastaccess?

    A) reflective ACL
    B) dynamic ACL
    C) turbo ACL
    D) named ACL
    D) named ACL
    (this multiple choice question has been scrambled)
  8. What type of ACL should the network administrator implement to limit Internet traffic during the peak hours of the day?

    A) reflective
    B) policy-based
    C) time-based
    D) dynamic
    C) time-based
    (this multiple choice question has been scrambled)
  9. Which statement correctly describes a reflexive access control list?

    A) An ACL that controls traffic based on time.
    B) An ACL that uses an extended list to block users from traversing a router until they are authenticated.
    C) An ACL that only identifies the source of traffic.
    D) An ACL that allows IP traffic for sessions originating from inside the network, while denying traffic for sessions originating from the outside.
    D) An ACL that allows IP traffic for sessions originating from inside the network, while denying traffic for sessions originating from the outside.
    (this multiple choice question has been scrambled)
  10. Which statement correctly describes how Router1 processes packets with the configuration shown in the figure? 



    A) Router1 compares packets entering interface s0/0/0 to all the ACL 101 statements first, then compare the packets to all the ACL 201 statements.
    B) A packet entering interface s0/0/0 is compared to each statement in ACL 101 until one statement matches the packet. Then the router drops or forwards the packet without considering the remaining statement in ACL 101.
    C) If a packet entering interface s0/0/0 matches a condition in ACL 101, the router continues comparing the packet to the rest of the statements in ACL 101 to make sure that no other statements might also apply.
    D) Traffic exiting interface s0/0/0 is filtered by both ACL 101 and ACL 201.
    B) A packet entering interface s0/0/0 is compared to each statement in ACL 101 until one statement matches the packet. Then the router drops or forwards the packet without considering the remaining statement in ACL 101.
    (this multiple choice question has been scrambled)
  11. Which statement is correct regarding applying an access control list to an interface?

    A) Access lists are applied in global configuration mode.
    B) The command for applying access list 101 inbound is ip access-list 101.
    C) Named access lists are applied using the ip access-named command.
    D) Standard access lists should be applied to an interface as close to the destination as possible.
    D) Standard access lists should be applied to an interface as close to the destination as possible.
    (this multiple choice question has been scrambled)
  12. Which two solutions can be implemented with ACLs? (Choose two.)

    a) Segment the network into subnets to increase available bandwidth
    b) Distribute DHCP traffic to allow easier network availability.
    c) Create a "firewall" on a router to filter inbound traffic from an external untrusted network.
    d) Allow or deny traffic into network based on the MAC address.
    e) Control traffic entering or exiting different areas of a local network.
    • c) Create a "firewall" on a router to filter inbound traffic from an external untrusted network.     
    • e) Control traffic entering or exiting different areas of a local network.
  13. Which two statements correctly describe Cisco access control lists? (Choose two.)

    a) ACLs are created in interface configuration mode.
    b) Standard ACLs are numbered 1-99, and extended ACL are numbered 100-199.
    c) Standard ACLs permit or deny traffic to specific IP addresses.
    d) Extended ACLs filter traffic based on source and destination IP address, port number  and protocol.
    e) Standard ACLs do not permit the use of wildcard masks
    • b) Standard ACLs are numbered 1-99, and extended ACL are numbered 100-199.     
    • d) Extended ACLs filter traffic based on source and destination IP address, port number  and protocol.
  14. Which wildcard mask will be used to test for hosts from the network 192.168.12.0/29?

    A) 0.0.0.3
    B) 0.0.0.7
    C) 0.0.0.15
    D) 0.0.0.31
    B) 0.0.0.7
    (this multiple choice question has been scrambled)

What would you like to do?

Home > Flashcards > Print Preview