17. Refer to the exhibit. A network administrator wants to permit only host 192.

Question

17. Refer to the exhibit. A network administrator wants to permit only host 192.168.1.1 /24 to access the server 192.168.2.1 /24. Which three commands will achieve this using best A practices? (Choose three.) be able to CL placement Fa0f0 Fa0/1 R2 192.168.1.1124 192.168.2.1124 a) R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168 2 1 b) R2(config)# access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255-255255.0 c) R2(config)# interface fastethernet 0/ d) R2(config-if)f#f ip access-group 101 out e) R2(config)# access-list 101 permit ip any any f) R2(config)# interface fastethernet 0/ 18. Which two statements are correct about extended ACLs? (Choose two) a) Extended ACLs use a number range from 1-99. b) Extended ACLs end with an implicit permit statement. c) Extended ACLs evaluate the source and destination addresses. d) Port numbers can be used to add greater definition to an ACL e) Multiple ACLs can be placed on the same interface as long as they are in the same direction. 19. Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet? a) access-list 103 deny tep host 192.168.10.0 any eq 23 access-list 103 permit tep host 192.168.10.1 eq 80 b) access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1 c) access-list 103 permit tep 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 d) access-list 103 permit tep 192.168.10.0 0.0.0.255 any eq 80 access-list 103 deny tep 192.168.10.0 0.0.0.255 any eq telnet access-list 103 deny tep 192.168.10.0 0.0.0.255 any eq 23 access-list 103 deny tep 192.168.10.0 0.0.0.255 any eq 23

Explanation / Answer

17. The three commands which will achieve it by using best ACL placement practices are :

R2(config)# interface fastethernet 0/0
R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1*
R2(config-if)# ip access-group 101 in

In this question the extended ACL is assigned in the inbound direction on the interface fa0/0 in the R2. The traffic which is entering the router from the host IP address is bounded to the server having the IP address 192.168.2.1

18. The two statements which are correct about ACL are :

c) Extended ACLs evaluate the source and destination addresses.
d) Port numbers can be used to add greater definition to an ACL.

The source and destination address of the packets are validate by Extended ACL, they also verify the protocols and port numbers which allow the large range to base ACL

19. The set of access control entries are:

c) access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23

The access control entries must have permit or deny parameters and the port number or the name

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.