Access list Questions CCNA 200-120

QUESTION 60

A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks
192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when
combined, would you use to accomplish this task? (Choose two)

A. access-list 10 permit ip 192.168.146.0 0.0.1.255
B. access-list 10 permit ip 192.168.147.0 0.0.255.255
C. access-list 10 permit ip 192.168.148.0 0.0.1.255
D. access-list 10 permit ip 192.168.149.0 0.0.255.255
E. access-list 10 permit ip 192.168.146.0 0.0.0.255
F. access-list 10 permit ip 192.168.146.0 255.255.255.0
Correct Answer: AC

QUESTION 61
On which options are standard access lists based?
A. destination address and wildcard mask
B. destination address and subnet mask
C. source address and subnet mask
D. source address and wildcard mask

Correct Answer: D

QUESTION 62
Refer to the exhibit.
ACL 10
Statements are written in this order:
A. permit any
B. deny 172.21.1.128 0.0.0.15
C. permit 172.21.1.129 0.0.0.0
D. permit 172.21.1.142 0.0.0.0
Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0
inbound, to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28)
from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL
statements be re-arranged so that the system works as intended?
A. ACDB
B. BADC
C. DBAC
D. CDBA

Correct Answer: D

QUESTION 63
Which statement about access lists that are applied to an interface is true?
A. you can apply only one access list on any interface
B. you can configure one access list, per direction, per layer 3 protocol
C. you can place as many access lists as you want on any interface
D. you can configure one access list, per direction, per layer 2 protocol

Correct Answer: B

Explanation
We can have only 1 access list per protocol, per direction and per interface. It means:
+ We can not have 2 inbound access lists on an interface
+ We can have 1 inbound and 1 outbound access list on an interface

QUESTION 64
A network engineer wants to allow a temporary entry for a remote user with a specific username and password
so that the user can access the entire network over the internet. Which ACL can be used?
A. reflexive
B. extended
C. standard
D. dynamic

Correct Answer: D

 Back

Copyright ┬ę2010 - ┬á2018 Ciscoforall.com | Privacy Policy