Networking - Security

Exercise : Security - Security

Security - Security

Which of the following is true regarding access lists applied to an interface?

You can place as many access lists as you want on any interface until you run out of memory.

You can apply only one access list on any interface.

One access list may be configured, per direction, for each layer 3 protocol configured on an interface.

You can apply two access lists to any interface.

Answer: Option

Explanation:

A Cisco router has rules regarding the placement of access lists on a router interface. You can place one access list per direction for each layer 3 protocol configured on an interface.

Which command would you use to apply an access list to a router interface?

ip access-list 101 out

access-list ip 101 in

ip access-group 101 in

access-group ip 101 in

Answer: Option

Explanation:

To apply an access list, the proper command is ip access-group 101 in.

Which of the following is an example of a standard IP access list?

access-list 110 permit host 1.1.1.1

access-list 1 deny 172.16.10.1 0.0.0.0

access-list 1 permit 172.16.10.1 255.255.0.0

access-list standard 1.1.1.1

Answer: Option

Explanation:

Standard IP access lists use the numbers 1-99 and 1300-1999 and filter based on source IP address only. Option C is incorrect because the mask must be in wildcard format.

You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of the following lists will you use?

access-list 10 deny 192.168.160.0 255.255.224.0

access-list 10 deny 192.168.160.0 0.0.191.255

access-list 10 deny 192.168.160.0 0.0.31.255

access-list 10 deny 192.168.0.0 0.0.31.255

Answer: Option

Explanation:

The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one less than the block size.

You are working on a router that has established privilege levels that restrict access to certain functions. You discover that you are not able to execute the command show running-configuration. How can you view and confirm the access lists that have been applied to the Ethernet 0 interface on your router?

show access-lists

show interface Ethernet 0

show ip access-lists

show ip interface Ethernet 0

Answer: Option

Explanation:

The only command that shows which access lists have been applied to an interface is show ip interface Ethernet 0. The command show access-lists displays all configured access lists, and show ip access-lists displays all configured IP access lists, but neither command indicates whether the displayed access lists have been applied to an interface.

Quick links

Quantitative Aptitude

Verbal (English)

Reasoning

Programming

Interview

Placement Papers

Networking - Security

Why should I learn to solve Networking questions and answers section on "Security"?

Where can I get the Networking questions and answers section on "Security"?

Where can I get the Networking section on "Security" MCQ-type interview questions and answers (objective type, multiple choice)?

How do I download the Networking questions and answers section on "Security" in PDF format?

How do I solve Networking quiz problems based on "Security"?

Mini UPS for Wi-Fi Router

Gaming Laptops

Books for entrance exams

Best Smart TVs