Bagi yang masuk ke blog ini melalui Search Engin dan tidak menemukan artikel yang di cari pada halaman ini maka dapat mencari pada arsip blog atau mengunakan fasilitas search yang ada di blog ini. terimakasih atas kunjungnnya.
bagi yang ingin bertanya sebaiknya langsng melalui YM apabila lagi online atau inggalkan coment di artikel yang bersangutan.

Promo : Transfer Pulsa Indosat (IM3/Mentari/StarOne) pulsa 100rb Harga 82rb (bisa untuk BB)

bagi yang berminat dapat hubungin YM : ivandriyandra atau sms ke no 085624060651. atau data update dapat liat di halaman ini http://indosat.yandra.web.id/

30 Mei 2009

CCNA2-Module 11

1 Assuming the ACL in the graphic is correctly applied to an interface, what effect will the ACL have on network traffic?
  • All traffic to network 172.16.0.0 will be denied.
  • All TCP traffic will be permitted to and from network 172.16.0.0.
  • All telnet traffic from the 172.16.0.0 network to any destination will be denied.*
  • All port 23 traffic to the 172.16.0.0 network will be denied.
  • All traffic from the 172.16.0.0 network will be denied to any other network.
2 Create a standard ACL that will deny traffic from 192.5.5.25 to the 210.93.105.0 network but will allow traffic from all other hosts. (Choose two.)
  • Router(config)# access-list 22 deny 192.5.5.25 0.0.0.0
  • Router(config)# access-list 22 deny host 192.5.5.25 0.0.0.0
  • Router(config)# access-list 22 permit any any
  • Router(config)# access-list 22 deny 192.5.5.25 0.0.0.0*
  • Router(config)# access-list 22 permit any
  • Router(config)# access-list 22 deny host 192.5.5.25*
  • Router(config)# access-list 22 permit any
  • Router(config)# access-list 22 deny 192.5.5.0 0.0.0.255
  • Router(config)# access-list 22 permit any

3 The following commands were entered on a router:
Router(config)# access-list 2 deny 172.16.5.24
Router(config)# access-list 2 permit any
What can be concluded about this set of commands?
  • The access list statements are misconfigured.
  • All nodes on 172.16.0.0 will be denied access when these statements are applied.
  • The default wildcard mask, 0.0.0.0 is assumed.*
  • The default wildcard mask 255.255.255.255 is assumed.

4 ACL statements operate in sequential, logical order. If a condition match is true, the rest of the ACL statements are not checked. If all of the ACL statements are unmatched, what happens to the packet?
  • The packets will be placed in a buffer and forwarded when the ACL is removed.
  • The packets will be sent to the source with an error notification message.
  • The implicit permit any statement placed at the end of the list will allow the packets to flow through uninhibited.
  • The implicit deny any statement placed at the end of the list will cause the packets to be dropped.*

5 Choose the command that will correctly configure a standard ACL.
  • Router# access-list 10 permit any
  • Router# access-list 101 permit any
  • Router(config)# access-list 10 permit any*
  • Router(config)# access-list 101 permit any
  • Router(config)# access-list 10 permit any any

6 Select the commands that will apply the ACL in the diagram to filter traffic going to the 192.168.2.0 network.
  • Router1# configure terminal
  • Router1(config)# access-list 10 in E0
  • Router1(config)# interface ethernet 0
  • Router1(config-if)# access-list 10 in
  • Router2(config)# interface s1
  • Router2(config-if)# ip access-group 10 out
  • Router2(config)# interface ethernet 0*
  • Router2(config-if)# ip access-group 10 out
  • Router1(config)# interface ethernet 0
  • Router1(config-if)# ip access-group 10 out
  • Router2# configure terminal
  • Router2(config)# access-group 10 out

7 Which statements are true regarding the meaning of the access control list wildcard mask 0.0.0.7? (Choose two.)
  • The first 29 bits of a supplied IP address will be ignored.
  • The last three bits of a supplied IP address will be ignored.*
  • The first 32 bits of a supplied IP address will be matched.
  • The first 29 bits of a supplied IP address will be matched.*
  • The last four bits of a supplied IP address will be matched.

8 The router IOS tests each condition statement in an ACL in sequence. Once a match is made, which of the following occurs? (Choose two.)
  • The entire ACL must be deleted and recreated.
  • The accept or reject action is performed.*
  • The packet is forwarded to the next hop.
  • The remaining ACL statements are not checked.*
  • The router goes through the list again to verify that a match has been made.
9 Select the correct statements about extended ACLs. (Choose two)
  • Extended ACLs use a number range from 1-99.
  • Extended ACLs end with an implicit permit statement.
  • Extended ACLs evaluate the source and destination addresses.*
  • Port numbers can be used to add greater definition to an ACL.*
  • Multiple ACLs can be placed on the same interface as long as they are in the same direction.

10 Which of the following are reasons to use ACLs? (Choose three.)
  • to provide a basic level of security for network access*
  • to speed up network performance by filtering priority packets
  • to preserve bandwidth by providing a mechanism for traffic flow control*
  • to decide which packets are forwarded or blocked at the router console port
  • to screen certain hosts to either allow or deny access to part of a network*
  • to allow all packets passing through the router access to all parts of the network

11 Which of the following parameters can ACLs use to filter traffic? (Choose three.)
  • packet size
  • protocol suite*
  • source address*
  • destination address*
  • source router interface
  • destination router interface

12 Which statement is true regarding wildcard masks?
  • The wildcard mask and subnet mask perform the same function.
  • The wildcard mask is always the inverse of the subnet mask.
  • A "0" in the wildcard mask identifies IP address bits that must be checked.*
  • A "1" in the wildcard mask identifies a network or subnet bit.

13 Select the statements that describe ACL processing of packets. (Choose three.)
  • An implicit deny any rejects any packet that does not match any ACL statement.*
  • A packet can either be rejected or forwarded as directed by the statement that is matched.*
  • A packet that has been denied by one statement can be permitted by a subsequent statement.
  • A packet that does not match the conditions of any ACL statements will be forwarded by default.
  • Each statement is checked only until a match is detected or until the end of the ACL statement list.*
  • Each packet is compared to the conditions of every statement in the ACL before a forwarding decision is made.

14 An access list has been created that will deny the host 204.204.7.89 access to an ftp server located at 196.6.13.254.
access-list 111 deny tcp 204.204.7.89 0.0.0.0 196.6.13.254 0.0.0.0 eq 21
access-list 111 permit tcp any any
Which of the following groups of commands will place this ACL in the proper location?
  1. Router2(config)# interface s0/0
  2. Router2(config-if)# ip access-group 111 in
  3. Router2(config)# interface fa0/0
  4. Router2(config-if)# ip access-group 111 out
  5. Router2(config)# interface fa0/0*
  6. Router2(config-if)# ip access-group 111 in
  7. Router3(config)# interface fa0/0
  8. Router3(config-if)# ip access-group 111 in
  9. Router3(config)# interface s0/1
  10. Router3(config-if)# ip access-group 111 out
  11. Router3(config)# interface fa0/0
  12. Router3(config-if)# ip access-group 111 out

15 Choose the commands that will correctly configure a standard ACL. (Choose two.)
  • Router(config)# access-list 97 permit host 192.5.5.1*
  • Router(config)# access-list 32 permit 210.93.105.3 0.0.0.0*
  • Router(config)# access-list 148 permit 201.100.11.2 0.0.0.0
  • Router(config)# access-list 107 permit host 192.5.5.1 213.45.27.0 0.0.0.255 eq 23
  • Router(config)# access-list 10 permit tcp 192.5.5.1 0.0.0.255 201.100.11.0 0.0.0.255 eq 80

16 Assuming the ACL in the graphic is correctly applied to an interface, what effect will this ACL have on network traffic?
  • Host 192.168.15.4 will be denied ftp access to any destination, but will be permitted all other access.*
  • All ftp traffic to host 192.168.15.4 will be denied.
  • All traffic from that interface will be denied.
  • No traffic will be denied because a "permit" statement does not exist in this ACL.

17 Create an access list that will prevent only the host 192.5.5.148 from accessing a web site located at 210.93.105.50.
  • access-list 10 deny tcp host 192.5.5.148 host 210.93.105.50 eq 80
  • access-list 10 permit tcp any any
  • access-list 10 deny tcp 192.5.5.148 0.0.0.0 210.93.105.50 0.0.0.0 eq 23
  • access-list 10 permit tcp any any
  • access-list 100 deny tcp 192.5.5.148 0.0.0.0 210.93.105.50 0.0.0.0 eq 80*
  • access-list 100 permit tcp any any
  • access-list 100 deny tcp 192.5.5.148 0.0.0.255 210.93.105.50 0.0.0.255 eq 80
  • access-list 100 permit tcp any any
  • access-list 100 deny tcp host 192.5.5.148 255.255.255.255 210.93.105.50 255.255.255.255 eq 80
  • access-list 100 permit tcp any any

18 A router that has two Ethernet interfaces and one serial interface is configured to route both IP and IPX. What is the maximum number of IP ACLs that can be configured to filter packets on this router?
  • 1
  • 2
  • 3
  • 6
  • 12*

19 Which of the following matches an ACL identification number with the correct protocol?(Choose three.)
  1. 0 - standard IP
  2. 99 - standard IP*
  3. 100 - extended IP*
  4. 210 - extended IP
  5. 678 - extended IPX
  6. 888 - standard IPX*

Tidak ada komentar:

Posting Komentar

SMS Gratis