A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5.What command should be issued to accomplish this task?()A、access-list 101 deny tcp192.168

题目

A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5.What command should be issued to accomplish this task?()

  • A、access-list 101 deny tcp192.168.1.1280.0.0.15192.168.1.50.0.0.0eq23 access-list 101 permit ip any any
  • B、access-list 101 deny tcp192.168.1.1280.0.0.240192.168.1.50.0.0.0eq23 access-list101permit ip any any
  • C、access-list 1 deny tcp192.168.1.1280.0.0.255192.168.1.50.0.0.0eq21 access-list1permit ip any any
  • D、access-list 1 deny tcp192.168.1.1280.0.0.15host192.168.1.5eq23 access-list1permit ip any any
相似考题

1.The Ezonexam network administrator wants to use a router named VE1 to segment the local network. What are some of the advantages of using VE1 to segment the network? (Choose two)A. Routers generally cost less than switchesB. Filtering can occur based on Layer 3 informationC. Broadcasts are not forwarded across the routerD. Broadcasts are eliminatedE. Adding a router to the network decreases latencyF. Routers can generally support more LAN ports than switches

2.An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections.Which of the following MUST be deployed?()A.IDSB.IPSC.FirewallD.Managed PKI

3.A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()A. WEP encryptionB. Channel rotationC. Disable SSIDD. WPA encryption

4.A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?A. BPDUB. Port securityC. RSTPD. STPE. VTPF. Blocking mode

更多“A network administrator wants to”相关问题

  • 第1题:

    An administrator wants to limit access of a wireless network without requiring authorized users toenter a password or network key.Which of the following methods would MOST likely be implemented on the wireless network?()

    A. Disable SSID

    B. WPA

    C. MAC filtering

    D. RAS


    参考答案:A

  • 第2题:

    A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?()

    • A、Logging detect fail-login
    • B、Login on-failure log
    • C、Login detect login-failure log
    • D、Logging login on-failure
    • E、none of the above

    正确答案:B

  • 第3题:

    An administrator has added a new device to a system and wants to determine if it has been correctly added to the ODM database. Which command would the system administrator use?()

    • A、odmget
    • B、odmadd
    • C、odmshow
    • D、odmcreate

    正确答案:A

  • 第4题:

    A network administrator needs to configure port security on a switch.which two statements are true?()

    • A、The network administrator can apply port security to dynamic access ports
    • B、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.
    • C、The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
    • D、The network administrator can apply port security to EtherChannels.
    • E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

    正确答案:C,E

  • 第5题:

    An administrator has purchased monitoring software that can be configured to alert administrators when hardware and applications are having issues.  All devices are configured with SNMP, but the administrator wants to further secure the SNMP traffic.  Which of the following settings would BEST provide additional monitoring security?()

    • A、Setting up a custom community name
    • B、Configuring the network to block traffic on port 161
    • C、Configuring the Windows Firewall to block port 161
    • D、Setting SNMP to read only on the devices
    • E、Installing new MIBs

    正确答案:A,D

  • 第6题:

    An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network. Which of the following would allow the administrator to do this?()

    • A、NIPS
    • B、Honeypot
    • C、DMZ
    • D、NIDS

    正确答案:B

  • 第7题:

    A network administrator wants to analyze the historical performance of the servers in the organization and forecast the system performance needs into the future.  Which add-on component of IBM Director would be used to assist with this task?()

    • A、Capacity Manager
    • B、Resource Monitors
    • C、System Availability
    • D、System Performance Monitor

    正确答案:A

  • 第8题:

    单选题
    A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()
    A

    WEP encryption

    B

    Channel rotation

    C

    Disable SSID

    D

    WPA encryption


    正确答案: D
    解析: 暂无解析

  • 第9题:

    单选题
    A network administrator wants to verify the active alarms on interface so-0/0/0. Which command displays this information?()
    A

    show interfaces alarms

    B

    show interfaces terse

    C

    show alarms extensive

    D

    show interfaces extensive


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    An administrator wants to limit access of a wireless network without requiring authorized users to enter a password or network key. Which of the following methods would MOST likely be implemented on the wireless network?()
    A

    Disable SSID

    B

    WPA

    C

    MAC filtering

    D

    RAS


    正确答案: C
    解析: 暂无解析

  • 第11题:

    单选题
    A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?()
    A

    Logging detect fail-login

    B

    Login on-failure log

    C

    Login detect login-failure log

    D

    Logging login on-failure

    E

    none of the above


    正确答案: B
    解析: 暂无解析

  • 第12题:

    单选题
    You are the network administrator for The network consists of a single Active Directory domain. The domain contains 20 Windows Server 2003 computers and 400 Windows XP Professional computers. Software Update Services (SUS) is installed on a server named Testking2. The network security administrator wants you to ensure that the administrative password is not compromised when an administrator connects to Testking2's SUSAdmin Web site remotely by using HTTP. You want only SSL to be used to connect to the SUSAdmin Web site. The network security administrator creates a digital certificate and enables communication for SSL on port 443 of Testking2. However, administrators are still able to connect to the SUSAdmin Web site by using HTTP. You need to ensure that communication to the SUSAdmin Web site is always secure. What should you do?()
    A

    Disable port 80 on the SUSAdmin Web site.

    B

    Require 128-Bit SSL on all directories related to the SUSAdmin Web site.

    C

    Change the default Web site to require 128-Bit SSL.

    D

    Enable IPSec on Testking2 with the Request Security IPsec template.


    正确答案: D
    解析: 暂无解析

  • 第13题:

    An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?()

    A.netstat

    B.traceroute

    C.nbtstat

    D.ping


    参考答案:D

  • 第14题:

    A network administrator needs to configure port security on a switch.which two statements are true?()

    • A、The network administrator can apply port security to dynamic access ports
    • B、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.
    • C、The sticky learning feature allows the addition of dynamically learned addresses to the runningconfiguration.
    • D、The network administrator can apply port security to EtherChannels.
    • E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

    正确答案:C,E

  • 第15题:

    A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()

    • A、BPDU
    • B、Port security
    • C、RSTP
    • D、STP
    • E、VTP
    • F、Blocking mode

    正确答案:B

  • 第16题:

    An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?()

    • A、netstat
    • B、traceroute
    • C、nbtstat
    • D、ping

    正确答案:D

  • 第17题:

    An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections. Which of the following MUST be deployed?()

    • A、IDS
    • B、IPS
    • C、Firewall
    • D、Managed PKI

    正确答案:A

  • 第18题:

    An AIX server is configured with a static IP address but the system administrator wants the server to give out IP addresses for clients who want to use the dynamic host configuration protocol instead of static IP addresses.How is this accomplished?()

    • A、Use SMIT to have the server use DHCP instead of a static address
    • B、Edit /etc/rc.tcpip and start the dhcpsd daemon
    • C、Use the network options command to enable ipforwarding
    • D、Edit /etc/rc.net to set network options back to default

    正确答案:B

  • 第19题:

    An AIX server has 2 network interfaces and the system administrator wants to enable the users on the locally configured network interface to be able to connect to systems configured on the global network interface.  How is it accomplished?()

    • A、Enable routed on the server
    • B、Enable gated on the server
    • C、Enable ipforwarding on the server
    • D、Set network options back to default

    正确答案:C

  • 第20题:

    单选题
    A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in azone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUSTzone to the UNTRUST zone. Which configuration would correctly accomplish this task?()
    A

    A

    B

    B

    C

    C

    D

    D


    正确答案: B
    解析: 暂无解析

  • 第21题:

    单选题
    The administrator wants to backup the existing VIO server software and its current configuration before applying an update.  What command will the administrator use to backup the VIO server software so that the backup can be restored from a Network Installation Manager (NIM) server or a Hardware Management Console (HMC)?()
    A

     mksysb -t vio /mountpoint

    B

     backupios -file /mountpoint

    C

     mksysb -i /mountpoint/vio.mksysb

    D

     backupios -mksysb -file /mountpoint/vio.mksysb


    正确答案: B
    解析: 暂无解析

  • 第22题:

    单选题
    A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()
    A

    BPDU

    B

    Port security

    C

    RSTP

    D

    STP

    E

    VTP

    F

    Blocking mode


    正确答案: B
    解析: 暂无解析

  • 第23题:

    多选题
    An administrator has purchased monitoring software that can be configured to alert administrators when hardware and applications are having issues. All devices are configured with SNMP, but the administrator wants to further secure the SNMP traffic. Which of the following settings would BEST provide additional monitoring security?()
    A

    Setting up a custom community name

    B

    Configuring the network to block traffic on port 161

    C

    Configuring the Windows Firewall to block port 161

    D

    Setting SNMP to read only on the devices

    E

    Installing new MIBs


    正确答案: A,C
    解析: 暂无解析

  • 第24题:

    单选题
    You are the network administrator at TestKing. TestKing has been provided withthe network address 165.100.27.0/24. The TestKing CEO wants to know how many subnetworks this address provides, and how many hosts can be supported on each subnet. What would your reply be?()
    A

    One network with 254 hosts.

    B

    254 networks with 254 hosts per network.

    C

    65,534 networks with 255 hosts per network.

    D

    30 networks with 64 hosts per network.

    E

    254 networks with 65,534 per network.


    正确答案: C
    解析: 暂无解析

相关内容