On which options are standard access lists based?
A. destination address and wildcard mask
B. destination address and subnet mask
C. source address and subnet mask
D. source address and wildcard mask*
Correct Answer: D
QUESTION 2
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the Internet. Which ACL can be used?
A. reflexive
B. extended
C. standard
D. dynamic*
Correct Answer: D
QUESTION 3
Which statement about access lists that are applied to an interface is true?
A. You can configure one access list, per direction, per Layer 3 protocol*
B. You can apply multiple access lists with the same protocol in different directions
C. You can apply only one access list on any interface
D. You can apply as many access lists as you want on any interface
Correct Answer: A
QUESTION 4
Which item represents the standard IP ACL?
A. access-list 50 deny 192.168.1.1 0.0.0.255*
B. access-list 110 permit ip any any
C. access-list 2500 deny tcp any host 192.168.1.1 eq 22
D. access-list 101 deny tcp any host 192.168.1.1
Correct Answer: A
QUESTION 5
A network administrator is configuring ACLs on a Cisco router, to allow IP access from the 192.168.146.0/24, 192.168.147.0/24, 192.168.148.0/2,. and 192.168.149.0/24 networks only. Which two ACLs, when combined, should be used?
A. access-list 10 permit ip 192.168.146.0 0.0.0.255
B. access-list 10 permit ip 192.168.146.0 255 255.255.0
C. access-list 10 permit ip 192.168.147.0 0.0.255 255
D. access-list 10 permit ip 192.168.149.0 0.0.255.255.0
E. access-list 10 permit ip 192.168.148.0 0.0.1.255*
F. access-list 10 permit ip 192.168.146.0 0.0.1.255*
Correct Answer: EF
QUESTION 6
What can be done to secure the virtual terminal interfaces on a router? (Choose two.)
A. Administratively shut down the interface.
B. Physically secure the interface.
C. Create an access list and apply to the virtual terminal interfaces with the access-group command.
D. Configure a virtual terminal password and login process.*
E. Enter an access list and apply it to the virtual terminal interfaces using the access-class command.*
Correct Answer: DE
QUESTION 7
Refer to the exhibit.
A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?
A. A Level 5 password is not set.
B. An ACL is blocking Telnet access.
C. The vty password is missing.*
D. The console password is missing.
Correct Answer: C
QUESTION 8
Refer to the exhibit.
An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?
A. no ip access-class 102 out
B. no ip access-group 102 out*
C. no ip access-group 102 in
D. no ip access-list 102 in
E. no ip access-class 102 in
Correct Answer: B
QUESTION 9
Refer to the exhibit.
Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound, to prevent all hosts (except those whose address are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But, as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?
A. CDBA*
B. ACDB
C. BADC
D. DBAC
Correct Answer: A
Quiz-summary
0 of 9 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
Information
CCNA 200-120 Questions: Security
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 9 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Security 0%
Pos. | Name | Entered on | Points | Result |
---|---|---|---|---|
Table is loading | ||||
No data available | ||||
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- Answered
- Review
-
Question 1 of 9
1. Question
2 pointsOn which options are standard access lists based?
Correct
Incorrect
-
Question 2 of 9
2. Question
2 pointsA network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the Internet. Which ACL can be used?
Correct
Incorrect
-
Question 3 of 9
3. Question
2 pointsWhich statement about access lists that are applied to an interface is true?
Correct
Incorrect
-
Question 4 of 9
4. Question
2 pointsWhich item represents the standard IP ACL?
Correct
Incorrect
-
Question 5 of 9
5. Question
2 pointsA network administrator is configuring ACLs on a Cisco router, to allow IP access from the 192.168.146.0/24, 192.168.147.0/24, 192.168.148.0/2,. and 192.168.149.0/24 networks only. Which two ACLs, when combined, should be used?
Correct
Incorrect
-
Question 6 of 9
6. Question
2 pointsWhat can be done to secure the virtual terminal interfaces on a router? (Choose two.)
Correct
Incorrect
-
Question 7 of 9
7. Question
2 pointsRefer to the exhibit.
A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?Correct
Incorrect
-
Question 8 of 9
8. Question
2 pointsRefer to the exhibit.
An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?Correct
Incorrect
-
Question 9 of 9
9. Question
2 pointsRefer to the exhibit.
Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound, to prevent all hosts (except those whose address are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But, as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?Correct
Incorrect