请参见图示。公司的新安全策略允许来自工程部LAN的所有IP流量访问Internet,但对于来自营销部LAN的流量,则只允许其中的web流量访问Internet。为实施新的安全策略,可在营销部路由器的Serial0/1接口的出站方向上应用哪一ACL()
A.access-list 197 permit ip 192.0.2.0 0.0.0.255 any access-list 197 permit ip 198.18.112.0 0.0.0.255 any eq www
B.access-list 165 permit ip 192.0.2.0 0.0.0.255 any access-list 165 permit tcp 198.18.112.0 0.0.0.255 any eq www access-list 165 permit ip any any
C.access-list 137 permit ip 192.0.2.0 0.0.0.255 any access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www
D.access-list 89 permit 192.0.2.0 0.0.0.255 any access-list 89 permit tcp 198.18.112.0 0.0.0.255 any eq www
第1题:
为了禁止网络210.93.105.0ftp到网络223.8.151.0,允许其他信息传输,则能实现该功能的选项是:()
A.access-list 1 deny 210.93.105.0.0.0.0.0.0
B.access-list 100 deny tcp 210.93.105.0 0.0.0.255 223.8.151.0 0.0.0.255 eq ftp
C.access-list 100 permit ip any any
D.access-list 100 deny tcp 210.93.105.0 0.0.0.255 223.8.151.00.0.0.255 eq ftp access list 100 permit ip any any
第2题:
若要求路由器的某接口上只封禁ICMP协议,但允许159.67.183.0/24子网的ICMP数据包通过,那么使用的access-list命令是______。
A.access-list 120 deny icmp 159.67.183.0 0.0.0.255 any access-list 120 permit ip any any
B.access-list 10 permit icmp 159.67.183.0 0.0.0.255 any access-list 10 deny icmp any any access-list 10 permit ip any any
C.access-list 99 permit icmp 159.67.183.0 0.0.0.255 any access-list 99 deny icmp any any
D.access-list 110 permit icmp 159.67.183.0 0.0.0.255 any access-list 110 deny icmp any any access-list 110 permit ip any any
第3题:
A.access-list 50 deny 192.168.1.1 0.0.0.255
B.access-list 110 permit ip any any
C.access-list 2500 deny tcp any host 192.168.1.1 eq 22
D.access-list 101 deny tcp any host 192.168.1.1
第4题:
An access list has been designed to prevent HTTP traffic from the Accounting Department from reaching the HR server attached to the Holyoke router. Which of the following access lists will accomplish this task when grouped with the e0 interface on the Chicopee router()。
A. permit ip any any deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
B. permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
C. deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any any
D. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any
第5题:
要创建一个扩展命名访问控制列表cisco,仅允许HTTP流量进入网络196.15.7.0/24,下面命令是错误的有()。
第6题:
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()
第7题:
仅仅允许到主机1.1.1.1的SMTP邮件服务的命名访问控制列表语句是()。
第8题:
Which item represents the standard IP ACL?()
第9题:
access-list 11 deny tcp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
access-list 111 deny tcp any 192.168.1.0 eq telnet/access-list 111 permit ip any any
access-list 111 deny udp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
access-list 111 deny tcp any 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
第10题:
access-list 101 deny tcp 192.168.1.128 0.0.015 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any
access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
access-list 101 deny ip 192.168.1.128 0.0.0.240 192.158.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
access-list 101 deny ip 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
第11题:
permit ip any any deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any any
deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any
第12题:
ip access-list extended cisco permit tcp any 196.15.7.0 0.0.0.255 eq www
ip access-list extended cisco deny tcp any 196.15.7.0 eq www
ip access-list extended cisco permit 196.15.7.0 0.0.0.255 eq www
ip access-list extended cisco permit ip any 196.15.7.0 0.0.0.255
ip access-list extended cisco permit www 196.15.7.0 0.0.0.255
第13题:
要禁止内网中IP地址为198.168.46.8的PC访问外网,正确的ACL规则是(11)。
A.access-list 1 permit ip 192.168.46.00.0.0.255 any access-list 1 deny ip host 198.168.46.8 any
B.access-list 1 permit ip host 198.168.46.8 any access-list 1 deny ip 192.168.46.00.0.0.255 any
C.access-list 1 deny ip 192.168.46.00.0.0.255 any access-list 1 permit ip host 198.168.46.8 any
D.access-list 1 deny ip host 198.168.46.8 any access-list 1 permitip 192.168.46.00.0.0.255 any
第14题:
定义一个用于封禁ICMP协议而只允许转发l66.129.130.0/24子网的ICMP数据包的访问控制列表,Cisc0路由器的正确配置是( )。
A.access-list 198 permit icmp 166.129.130.0 255.255.255.0 anyaccess-list 198 deny iemp any anyaccess-list 198 permit ip any any
B.access-list 198 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 198 deny iemp any anyaccess-list 198 permit ip any any
C.access-list 99 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 99 deny iemp any anyaccess-list 99 permit ip any any
D.access-list 100 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 100 permit ip any anyaccess-list 100 deny icmp any any
第15题:
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()
A.access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
B.access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
C.access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
D.access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any
第16题:
计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()
第17题:
仅允许HTTP流量进入网络196.15.7.0,下面命令错误的是()。
第18题:
在访问列表中,有一条规则如下:access-list 131 permit ip any 192.168.10.0 0.0.0.255 eq ftp 在该规则中,any的意思是表示:()
第19题:
哪个选项代表了标准的IP ACL?()
第20题:
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()
第21题:
access-list 50 deny 192.168.1.1 0.0.0.255
access-list 110 permit ip any any
access-list 2500 deny tcp any host 192.168.1.1 eq 22
access-list 101 deny tcp any host 192.168.1.1
第22题:
access-list 100 permit tcp any 196.15.7.0 0.0.0.255 eq www
access-list 10 deny tcp any 196.15.7.0 eq www
access-list 100 permit 196.15.7.0 0.0.0.255 eq www
access-list 110 permit ip any 196.15.7.0 0.0.0.255
access-list 110 permit www 196.15.7.0 0.0.0.255
第23题:
access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any