Asked by شسي
73. Which access l ist statement will permit all HT TP sessions to network 192. 168.144.
0/24 containing web servers?
a. access-list 110 permit tcp 192.168.144.0 0.0.0.255 any eq 80
b. access-list 110 permit tcp any 192.168.144.0 0.0.0.255 eq 80
c. access-list 110 permit tcp 192.168.144.0 0.0.0.255 192.168.144.0 0.0.0.255 any eq 80
d. access-list 110 permit udp any 192.168.144.0 eq 80
74. Which of the following access lists will allow only HT TP traffic into network 196. 15.7.0?
a. access-list 100 permit tcp any 196.15.7.0 0.0.0.255 eq www
b. access-list 10 deny tcp any 196.15.7.0 eq www
c. access-list 100 permit 196.15.7.0 0.0.0.255 eq www
d. access-list 110 permit ip any 196.15.7.0 0.0.0.255
e. access-list 110 permit www 196.15.7.0 0.0.0.255
75. What router command allows you to determine whether an IP access list is enabled on
a particular interface?
a. show ip port
b. show access-lists
c. show ip interface
d. show access-lists interface
76. If you wanted to deny all Telnet connections to only network 192. 168.10.0, which
command could you use?
a. access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet
b. access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet
c. access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23
d. access-list 100 deny 192.168.10.0 0.0.0.255 any eq 23
77. If you wanted to deny FTP access from network 200. 200.10.0 to network 200.199.11.0
but allow everything else, which of the following command s trings is valid?
a. access-list 110 deny 200.200.10.0 to network 200.199.11.0 eq ftp
b. access-list 111 permit ip any 0.0.0.0 255.255.255.255
c. access-list 1 deny ftp 200.200.10.0 200.199.11.0 any any
d. access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp
e. access-list 198 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp access-list 198 permit ip any
0.0.0.0 255.255.255.255
78. You want to create an extended access l ist that denies the subnet of the following
host: 172. 16. 50. 172 /20 . Which of the following would you start your list with?
a. access-list 110 deny ip 172.16.48.0 255.255.240.0 any
b. access-list 110 udp deny 172.16.0.0 0.0.255.255 ip any
c. access-list 110 deny tcp 172.16.64.0 0.0.31.255 any eq 80
d. access-list 110 deny ip 172.16.48.0 0.0.15.255 any
79. Which of the following is the wildcard (inverse) version of a /27
mask? a. 0.0.0.7
b. 0.0.0.31
c. 0.0.0.27
d. 0.0.31.255
80. You want to create an extended access l ist that denies the subnet of the following
host: 172. 16. 198.94 /19 . Which of the following wo uld you start your list with?
a. access-list 110 deny ip 172.16.192.0 0.0.31.255 any
b. access-list 110 deny ip 172.16.0.0 0.0.255.255 any
c. access-list 10 deny ip 172.16.172.0 0.0.31.255 any
d. access-list 110 deny ip 172.16.188.0 0.0.15.255 any
81. The following access list has been applied to an interface on a router: access -list 101
deny tcp 199.111. 16. 32 0. 0.0. 31 host 199.168. 5.60
Which of the following IP addresses will be blocked because of this single rule in the list? (Choose all that
apply.)
a. 199.111.16.67
b. 199.111.16.38
c. 199.111.16.65
d. 199.11.16.54
82. Which of the following commands connects access list 110 inbound to interface Ethernet0?
a. Router(config)#ip access-group 110 in
b. Router(config)#ip access-list 110 in
c. Router(config-if)#ip access-group 110 in
d. Router(config-if)#ip access-list 110 in
All Answers 1
Answered by
GPT-5 mini
AI
73. b
- permit tcp any 192.168.144.0 0.0.0.255 eq 80 allows HTTP to the /24.
74. a
- permit tcp any 196.15.7.0 0.0.0.255 eq www allows only HTTP into that subnet.
75. c
- show ip interface shows ACLs applied to interfaces.
76. c
- access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23 denies Telnet to that /24.
77. d
- access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp is the correct deny (then add a permit ip any any).
78. d
- access-list 110 deny ip 172.16.48.0 0.0.15.255 any matches the /20 containing 172.16.50.172.
79. b
- /27 (255.255.255.224) inverse wildcard = 0.0.0.31.
80. a
- access-list 110 deny ip 172.16.192.0 0.0.31.255 any matches the /19 for 172.16.198.94.
81. b
- 199.111.16.38 (199.111.16.32–199.111.16.63 are matched by the wildcard).
82. c
- Router(config-if)#ip access-group 110 in applies ACL 110 inbound on the interface.
- permit tcp any 192.168.144.0 0.0.0.255 eq 80 allows HTTP to the /24.
74. a
- permit tcp any 196.15.7.0 0.0.0.255 eq www allows only HTTP into that subnet.
75. c
- show ip interface shows ACLs applied to interfaces.
76. c
- access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23 denies Telnet to that /24.
77. d
- access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp is the correct deny (then add a permit ip any any).
78. d
- access-list 110 deny ip 172.16.48.0 0.0.15.255 any matches the /20 containing 172.16.50.172.
79. b
- /27 (255.255.255.224) inverse wildcard = 0.0.0.31.
80. a
- access-list 110 deny ip 172.16.192.0 0.0.31.255 any matches the /19 for 172.16.198.94.
81. b
- 199.111.16.38 (199.111.16.32–199.111.16.63 are matched by the wildcard).
82. c
- Router(config-if)#ip access-group 110 in applies ACL 110 inbound on the interface.
Submit Your Answer
We prioritize human answers over AI answers.
If you are human, and you can answer this question, please submit your answer.