以下的访问控制列表中,——允许源地址为217.5.1.0 255.255.255.0子网上的主机登录路由器。
A.access—list 10 permit 217.5.1.0 0.0.0.255
B.access—list 10 permit 217.5.1.0 255.255.255.255
C.access一:list 10 permit 217.5.1.0 255.255.255.0
D.access-listl 10 deny 217.5.1.0 0.0.0.255
第1题:
在 Cisco 路由器匕用扩展访问控制列表封禁 1P 地址为 211.102.33.24 的主机,正确的配置语句是
A )
access-list 99 deny ip host 211.102.33.24 any
access-list 99 deny ip any host 211.102.33.24
access-list 99 permit ip any any
B )
access-list 100 permit ip any any
access-list 100 deny ip host 211.102.33.24 any
access-list 100 deny ip any host 211.102.33.24
C )
access-list 199 deny ip host 211.102.33.24 any
access-list 199 deny ip any host 211.102.33.24
access-list 199 permit ip any any
D )
access-list 166 deny ip host 211.102.33.24 any
access-list 166 permit ip any any
第2题:
用扩展访问控制列表配置封禁ICMP协议,只允许l68.27.95.0/24子网的ICMP数据包通过路由器,正确的配置是(61) 。
A.access-list 90 deny icmp l68.27.95.0 255.255.255.0 any access-list 90 deny icmp any anyaccess—list 90 permit ip any any
B.access-list l00 permit icmp l68.27.95.0 0.0.0.255 any access-list l00 permit ip any any
C.access—list l l o permit icmp l68.27.95.0 255.255.255.0 any access—list l lo deny icmp any any
D.access-list l20 permit icmp l68.27.95.0 0.0.0.255 any access—list l20 deny icmp any any access—list l20 permit ip any any
第3题:
用标准访问控制列表配置只允许212.33.127.0/24子网主机登录到路由表,正确的配置是______。
A.Router(config) #access-list 10 permit 212.33.127.0 255.255.255.0 Router(config) #line vty 0 5 Router(config-line) #access-class 10 in
B.Router(config) #access-list 20 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 20 out
C.Router(config) #access-list 99 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 99 in
D.Router(config) #access-list 100 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 100 in
第4题:
用标准访问控制列表禁止非法地址197.178.0.0/16的数据包进出路由器的正确配置是( )。
A.access-list 110 deny 197.178.0.0 0.0.255.255access-list 110 permit any
B.access-1ist 10 deny l97.178.0.0 255.255.0.0access-list 10 permit any
C.access-list 50 permit anyaccess-list 50 deny 197.178.0.0 0.0.255.255
D.access-list 99 deny 197.178.0.0 0.0.255.255access-list 99 permit any
第5题:
A network administrator is configuring ACLs on a cisco router,to allow traffic from hosts on networks 192.168.146.0,192.168.147.0,192.168.148.0and192.168.149.0 only.Which two ACL statements when combined are the best for accomplishing the task?()
A. access-list 10 permit ip 192.168.147.0 0.0.0.255.255
B. access-list 10 permit ip 192.168.149.0 0.0.0.255.255
C. access-list 10 permit ip 192.168.146.0 0.0.0.0.255
D. access-list 10 permit ip 192.168.146.0 0.0.0.1.255
E. access-list 10 permit ip 192.168.148.0 0.0.0.1.255
F. access-list 10 permit ip 192.168.146.0 255.255.255.0
第6题:
An access list was written with the four statements shown in the graphic.Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effect?()
A.access-list10 permit 172.29.16.00.0.0.255
B.access-list10 permit 172.29.16.00.0.1.255
C.access-list10 permit 172.29.16.00.0.3.255
D.access-list10 permit 172.29.16.00.0.15.255
E.access-list10 permit 172.29.0.00.0.255.255
第7题:
用标准访问控制列表禁止非法地址192.168.0.0/16的数据包进出路由器的正确配置是______。
A.access-list 110 deny 192.168.0.0 0.0.255.255 access-list 110 permit any
B.access-list 10 deny 192.168.0.0 255.255.0.0 access-list 10 permit any
C.access-list 50 permit any access-list 50 deny 192.168.0.0 0.0.255.255
D.access-list 99 deny 192.168.0.0 0.0.255.255 access-list 99 permit any
第8题:
计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()
第9题:
仅允许HTTP流量进入网络196.15.7.0,下面命令错误的是()。
第10题:
Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effect()。
第11题:
access-list 10 permit 172.29.16.0 0.0.0.255
access-list 10 permit 172.29.16.0 0.0.1.255
access-list 10 permit 172.29.16.0 0.0.3.255
access-list 10 permit 172.29.16.0 0.0.15.255
access-list 10 permit 172.29.0.0 0.0.255.255
第12题:
access-list 10 permit ip 192.168.147.0 0.0.0.255.255
access-list 10 permit ip 192.168.149.0 0.0.0.255.255
access-list 10 permit ip 192.168.146.0 0.0.0.0.255
access-list 10 permit ip 192.168.146.0 0.0.1.255
access-list 10 permit ip 192.168.148.0 0.0.1.255
access-list 10 permit ip 192.168.146.0 255.255.255.0
第13题:
下面的访问控制列表的描述正确的是:( )
A.access-list 1 deny 1.1.1.1
B.access-list 1 permit any
C.access-list 1 permit 1.1.1.1 0 2.2.2.2 0.0.0.255
D.access-list 99 deny tcp any 2.2.2.2 0.0.0.255
第14题:
以下ACL语句中,含义为"允许172.168.0.0/24网络所有PC访问10.1.0.10中的FTP服务"的是____.
A.access-list 101 deny tcp 172.168.0.0 0.0.0.255 host 10.1.0.10 eq ftp
B.access-list 101 permit tcp 172.168.0.0 0.0.0.255 host 10.1.0.10 eq ftp
C.access-list 101 deny tcp host 10.1.0.10 172.168.0.0 0.0.0.255 eq ftp
D.access-list 101 permit tcp host 10.1.0.10 172.168.0.0 0.0.0.255 eq ftp
第15题:
若要求路由器的某接口上只封禁ICMP协议,但允许159.67.183.0/24子网的ICMP数据包通过,那么使用的access-list命令是______。
A.access-list 120 deny icmp 159.67.183.0 0.0.0.255 any access-list 120 permit ip any any
B.access-list 10 permit icmp 159.67.183.0 0.0.0.255 any access-list 10 deny icmp any any access-list 10 permit ip any any
C.access-list 99 permit icmp 159.67.183.0 0.0.0.255 any access-list 99 deny icmp any any
D.access-list 110 permit icmp 159.67.183.0 0.0.0.255 any access-list 110 deny icmp any any access-list 110 permit ip any any
第16题:
请参见图示。公司的新安全策略允许来自工程部LAN的所有IP流量访问Internet,但对于来自营销部LAN的流量,则只允许其中的web流量访问Internet。为实施新的安全策略,可在营销部路由器的Serial0/1接口的出站方向上应用哪一ACL()
A.access-list 197 permit ip 192.0.2.0 0.0.0.255 any access-list 197 permit ip 198.18.112.0 0.0.0.255 any eq www
B.access-list 165 permit ip 192.0.2.0 0.0.0.255 any access-list 165 permit tcp 198.18.112.0 0.0.0.255 any eq www access-list 165 permit ip any any
C.access-list 137 permit ip 192.0.2.0 0.0.0.255 any access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www
D.access-list 89 permit 192.0.2.0 0.0.0.255 any access-list 89 permit tcp 198.18.112.0 0.0.0.255 any eq www
第17题:
A network administrator is configuring ACLs on a cisco router, to allow affic from hosts on networks 192.168.146.0,192.168.147.0,192.168.148.0 and 192.168.149.0 only.Which two ACL statements when combined are the best for accomplishing the task?()
A.access-list 10 permit ip 192.168.147.0 0.0.0.255.255
B.access-list 10 permit ip 192.168.149.0 0.0.0.255.255
C.access-list 10 permit ip 192.168.146.0 0.0.0.0.255
D.access-list 10 permit ip 192.168.146.0 0.0.1.255
E.access-list 10 permit ip 192.168.148.0 0.0.1.255
F.access-list 10 permit ip 192.168.146.0 255.255.255.0
第18题:
A.access-list 10 permit 172.29.16.0 0.0.0.255
B.access-list 10 permit 172.29.16.0 0.0.1.255
C.access-list 10 permit 172.29.16.0 0.0.3.255
D.access-list 10 permit 172.29.16.0 0.0.15.255
E.access-list 10 permit 172.29.0.0 0.0.255.255
第19题:
下列选项中哪一条可以准确的匹配并代替以下四条访问控制列表()(1):access-list 10 permit172.29.16.00.0.0.255(2):access-list 10 permit172.29.17.00.0.0.255(3):access-lis t10 permit172.29.18.00.0.0.255(4):access-list 10 permit172.29.19.00.0.0.255
A.access-list 10 permit 172.29.16.00.0.0.255
B.access-list 10 permit 172.29.16.00.0.1.255
C.access-list 10 permit 172.29.16.00.0.3.255
D.access-list 10 permit 172.29.16.00.0.15.255
E.access-list 10 permit 172.29.16.0255.255.252.0
第20题:
要创建一个扩展命名访问控制列表cisco,仅允许HTTP流量进入网络196.15.7.0/24,下面命令是错误的有()。
第21题:
网络管理员是Cisco路由器上配置访问控制列表,允许来自只的网络192.168.146.0,192.168.147.0,192.168.148.0和192.168.149.0主机。哪个结合是最好的完成任务,当两个ACL语句?()
第22题:
access-list 10 permit ip 192.168.147.0 0.0.0.255.255
access-list 10 permit ip 192.168.149.0 0.0.0.255.255
access-list 10 permit ip 192.168.146.0 0.0.0.0.255
access-list 10 permit ip 192.168.146.0 0.0.0.1.255
access-list 10 permit ip 192.168.148.0 0.0.0.1.255
access-list 10 permit ip 192.168.146.0 255.255.255.0
第23题:
access-list 10 permit smtp host 1.1.1.1
access-list 110 permit ip smtp host 1.1.1.1
access-list 10 permit tcp any host 1.1.1.1 eq smtp
access-list 110 permit tcp any host 1.1.1.1 eq smtp