101. Which command can you enter to block HTTPS traffic from the whole class A
private network range to a host?
a. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 443
b. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 53
c. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 53
d. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 443
102. What wildcard mask will match networks 10. 16. 0.0 through 10.19.0.
0? a. 0.252.255.255
b. 0.0.255.255
c. 0.0.3.255
d. 0.3.255.255
103. What wildcard mask will match network
10.10.100.64/26? a. 0.0.0.15
b. 0.0.0.31
c. 0.0.0.63
d. 0.0.0.127
104. What two functions describe uses of access control lists? (Choose two.)
a. ACLs assist a router in determining the best path to a destination.
b. ACLs can control which areas a host can access on a network.
c. ACLs provide a basic level of security for network access.
d. Standard ACLs can filter traffic based on source and destination network addresses.
e. Standard ACLs can restrict access to specific applications and ports.
105. Which three statements describe how an ACL processes packets? (Choose three.)
a. A packet is compared with all ACEs in the ACL before a forwarding decision is made.
b. A packet that has been denied by one ACE can be permitted by a subsequent ACE.
c. An implicit deny at the end of an ACL rejects any packet that does not match an ACE.
d. Each ACE is checked only until a match is detected or until the end of the ACL.
e. If an ACE is matched, the packet is either rejected or forwarded, as directed by the ACE.
f. If an ACE is not matched, the packet is forwarded by default.
106. Which three statements are best practices related to placement of ACLs? (Choose
three.)
a. Filter unwanted traffic before it travels onto a low-bandwidth link.
b. For every inbound ACL placed on an interface, ensure that there is a matching outbound ACL.
c. Place extended ACLs close to the destination IP address of the traffic.
d. Place extended ACLs close to the source IP address of the traffic.
e. Place standard ACLs close to the destination IP address of the traffic.
f. Place standard ACLs close to the source IP address of the traffic.
107. Which two characteristics are shared by standard and extended ACLs? (Choose two.)
a. Both filter packets for a specific destination host IP address.
b. Both include an implicit deny as a final entry.
c. Both permit or deny specific services by port number.
d. They both filter based on protocol type.
e. They can be created by using either descriptive names or numbers.
108. Which two statement describes a difference between the operation of inbound and outbound
ACLs? (Choose two.)
a. Inbound ACLs are processed before the packets are routed.
b. Inbound ACLs can be used in both routers and switches.
c. Multiple inbound ACLs can be applied to an interface.
d. Multiple outbound ACLs can be applied to an interface.
e. Outbound ACLs are processed after the routing is completed.
f. Outbound ACLs can be used only on routers.
g. Unlike outbound ACLs, inbound ACLs can be used to filter packets with multiple criteria.
109. In which configuration would an outbound ACL placement be preferred over an inbound ACL
placement?
a. When a router has more than one ACL
b. When an interface is filtered by an outbound ACL and the network attached to the interface is the
source network being filtered within the ACL
c. When an outbound ACL is closer to the source of the traffic flow
d. When the ACL is applied to an outbound interface to filter packets coming from multiple inbound
interfaces before the packets exit the interface
110. What type of ACL offers increased flexibility and control over network traffic?
a. Extended
b. Extensive
c. Named standard
d. Numbered standard
111. Which statement describes a characteristic of standard IPv4 ACLs?
a. They can be configured to filter traffic based on both source IP addresses and source ports.
b. They can be created with a number but not with a name.
c. They filter traffic based on destination IP addresses only.
d. They filter traffic based on source IP addresses only.
112. Which wildcard mask would permit only host
10.10.10.1? a. 0.0.0.0
b. 0.0.0.31
c. 0.0.0.255
d. 0.0.255.255
e. 255.255.255.255

Question

101. Which command can you enter to block HTTPS traffic from the whole class A
private network range to a host?
a. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 443
b. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 53
c. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 53
d. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 443
102. What wildcard mask will match networks 10. 16. 0.0 through 10.19.0.
0? a. 0.252.255.255
b. 0.0.255.255
c. 0.0.3.255
d. 0.3.255.255
103. What wildcard mask will match network
10.10.100.64/26? a. 0.0.0.15
b. 0.0.0.31
c. 0.0.0.63
d. 0.0.0.127
104. What two functions describe uses of access control lists? (Choose two.)
a. ACLs assist a router in determining the best path to a destination.
b. ACLs can control which areas a host can access on a network.
c. ACLs provide a basic level of security for network access.
d. Standard ACLs can filter traffic based on source and destination network addresses.
e. Standard ACLs can restrict access to specific applications and ports.
105. Which three statements describe how an ACL processes packets? (Choose three.)
a. A packet is compared with all ACEs in the ACL before a forwarding decision is made.
b. A packet that has been denied by one ACE can be permitted by a subsequent ACE.
c. An implicit deny at the end of an ACL rejects any packet that does not match an ACE.
d. Each ACE is checked only until a match is detected or until the end of the ACL.
e. If an ACE is matched, the packet is either rejected or forwarded, as directed by the ACE.
f. If an ACE is not matched, the packet is forwarded by default.
106. Which three statements are best practices related to placement of ACLs? (Choose
three.)
a. Filter unwanted traffic before it travels onto a low-bandwidth link.
b. For every inbound ACL placed on an interface, ensure that there is a matching outbound ACL.
c. Place extended ACLs close to the destination IP address of the traffic.
d. Place extended ACLs close to the source IP address of the traffic.
e. Place standard ACLs close to the destination IP address of the traffic.
f. Place standard ACLs close to the source IP address of the traffic.
107. Which two characteristics are shared by standard and extended ACLs? (Choose two.)
a. Both filter packets for a specific destination host IP address.
b. Both include an implicit deny as a final entry.
c. Both permit or deny specific services by port number.
d. They both filter based on protocol type.
e. They can be created by using either descriptive names or numbers.
108. Which two statement describes a difference between the operation of inbound and outbound
ACLs? (Choose two.)
a. Inbound ACLs are processed before the packets are routed.
b. Inbound ACLs can be used in both routers and switches.
c. Multiple inbound ACLs can be applied to an interface.
d. Multiple outbound ACLs can be applied to an interface.
e. Outbound ACLs are processed after the routing is completed.
f. Outbound ACLs can be used only on routers.
g. Unlike outbound ACLs, inbound ACLs can be used to filter packets with multiple criteria.
109. In which configuration would an outbound ACL placement be preferred over an inbound ACL
placement?
a. When a router has more than one ACL
b. When an interface is filtered by an outbound ACL and the network attached to the interface is the
source network being filtered within the ACL
c. When an outbound ACL is closer to the source of the traffic flow
d. When the ACL is applied to an outbound interface to filter packets coming from multiple inbound
interfaces before the packets exit the interface
110. What type of ACL offers increased flexibility and control over network traffic?
a. Extended
b. Extensive
c. Named standard
d. Numbered standard
111. Which statement describes a characteristic of standard IPv4 ACLs?
a. They can be configured to filter traffic based on both source IP addresses and source ports.
b. They can be created with a number but not with a name.
c. They filter traffic based on destination IP addresses only.
d. They filter traffic based on source IP addresses only.
112. Which wildcard mask would permit only host
10.10.10.1? a. 0.0.0.0
b. 0.0.0.31
c. 0.0.0.255
d. 0.0.255.255
e. 255.255.255.255

Your name

Your answer