A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()A、The source and destination addressesB、The destination port numberC、The destination addressD、The source addressE、All of the above

题目

A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()

  • A、The source and destination addresses
  • B、The destination port number
  • C、The destination address
  • D、The source address
  • E、All of the above
相似考题

1.在Cisco路由器上,用扩展访问控制列表封禁IP地址为211.102.33.24的主机,正确的配置语句是______。A.access-list 99 deny ip host 211.102.33.24 any access-list 99 deny ip any host 211.102.33.24 access-list 99 permit ip any anyB.access-list 100 permit ip any any access-list 100 deny ip host 211.102.33.24 any access-list 100 deny ip any host 211.102.33.24C.access-list 199 deny ip host 211.102-33.24 any access-list 199 deny ip any host 211.102.33.24 access-list 199 permit ip any anyD.access-list 166 deny ip host 211.102.33.24 any access-list 166 permit ip any any

2.只封禁一台地址为193.62.40.230主机的access—list的正确配置是——。A.access—list 110 permit ip any any access—list 110 deny ip host 193.62.40.230 any access—list 1 10 deny ip any host 193.62.40.230B.access—list 110 denv ip host 193.62.40.230 any access—list 110 deny ip any host 193.62.40.230 access—-list 110 permit ip any anyC.access—list 110 deny ip host 193.62.40.230 any aCCeSS—list 110 deny ip any host 193.62.40.230D.access—list 110 deny ip host 193.62.40.230 any access—list 110 permit ip any any access—list 110 deny ip any host 193.62.40.230

3.( 22 )只封禁一台地址为 193.62.40.230 主机的 access-list 的正确配置是A ) access-list 110 permit ip any anyaccess-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230B ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230access-list 110 permit ip any anyC ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230D ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 permit ip any anyaccess-list 110 deny ip any host 193.62.40.230

4.Cisco路由器执行show access-list命令显示如下一组信息 Standard IP access list block deny 10.0.0.0, wildcardbits 0.255.255.255 log deny 172.16.0.0, wildcard bits 0.15.255.255 permit any 根据上述信息,正确的access-list配置是A.Router (config) #access-list standard block Router (config-std-nacl) #deny 10.0.0.0 255.0.0.0 log Router (config-std-nacl) #deny 172.16.0.0 255.240.0.0 Router (config-std-nacl) #permit anyB.Router (config) #ip access-list standard block Router (config-std-nacl) #permit any Router (config-std-nacl) #deny 10.0.0.0 0.255.255.255 log Router (config-std-nacl) #deny 172.16.0.0 0.15.255.255C.Router (config) #ip access-list standard block Router (config-std-nacl) #deny 10.0.0.0 255.0.0.0 log Router (config-std-nacl) #deny 172.16.0.0 255.240.0.0 Router (config-std-nacl) #permit anyD.Router (config) #ip access-list standard block Router (config-std-nacl) #deny 10.0.0.0 0.255.255.255 log Router (config-std-nacl) #deny 172.16.0.0 0.15.255.255 Router (config-std-nacl) #permit any

更多“A standard IP access list is app”相关问题

  • 第1题:

    在 Cisco 路由器匕用扩展访问控制列表封禁 1P 地址为 211.102.33.24 的主机,正确的配置语句是

    A )

    access-list 99 deny ip host 211.102.33.24 any

    access-list 99 deny ip any host 211.102.33.24

    access-list 99 permit ip any any

    B )

    access-list 100 permit ip any any

    access-list 100 deny ip host 211.102.33.24 any

    access-list 100 deny ip any host 211.102.33.24

    C )

    access-list 199 deny ip host 211.102.33.24 any

    access-list 199 deny ip any host 211.102.33.24

    access-list 199 permit ip any any

    D )

    access-list 166 deny ip host 211.102.33.24 any

    access-list 166 permit ip any any


    正确答案:C

  • 第2题:

    要禁止内网中IP地址为198.168.46.8的PC访问外网,正确的ACL规则是(11)。

    A.access-list 1 permit ip 192.168.46.00.0.0.255 any access-list 1 deny ip host 198.168.46.8 any

    B.access-list 1 permit ip host 198.168.46.8 any access-list 1 deny ip 192.168.46.00.0.0.255 any

    C.access-list 1 deny ip 192.168.46.00.0.0.255 any access-list 1 permit ip host 198.168.46.8 any

    D.access-list 1 deny ip host 198.168.46.8 any access-list 1 permitip 192.168.46.00.0.0.255 any


    正确答案:D
    D 解析:这是一道要求掌握标准访问控制列表的具体应用的理解题。本题的解答思路如下。
    最简单的访问控制列表就是标准访问控制列表。它是通过使用IP包中的源IP地址进行过滤,使用访问控制列表号1~99宋创建相应的ACL。其具体的语法格式如下:

    例如,access-list 1 deny ip host 198.168.46.8 any配置语句可将所有来自198.168.46.8地址的数据包丢弃。对于标准访问控制列表而言,可以省略默认的关键词host。换言之,语句access-list 1 deny ip host 198.168.46.8 any与语句access-list 1deny中198.168.46.8 any是等价的。
    当然也可以用网段来表示ip地址>,以实现对某个网段的数据包的过滤。例如,access-list 1 permit ip 192.168.46.00.0.0.255 any配置语句,允许所有来自198.168.46.0/24网段内所有计算机的数据包通过防火墙。其中,0.0.0.255是子网掩码255.255.255.0的反向掩码。

  • 第3题:

    A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()

    A. The source and destination addresses

    B. The destination port number

    C. The destination address

    D. The source address

    E. All of the above


    参考答案:D

  • 第4题:

    Which item represents the standard IP ACL?()

    A.access-list 50 deny 192.168.1.1 0.0.0.255

    B.access-list 110 permit ip any any

    C.access-list 2500 deny tcp any host 192.168.1.1 eq 22

    D.access-list 101 deny tcp any host 192.168.1.1


    参考答案:A

  • 第5题:

    请问用于过滤只接收指定路由器发送的路由信息的命令组合是()

    A. ip ip-prefix prefix-list-name

    B. ip access-list \{standard | extended} access-list name

    C. filter-policy gateway prefix-list-name import

    D. filter-policy gateway access-list-name import


    参考答案:A, C

  • 第6题:

    Which of the following are characteristics of named access lists?()

    • A、Individual statements in a named access list may be deleted.
    • B、They require a numbered range from 1000 to 1099.
    • C、When created, they must be specified as standard or extended.
    • D、They are created with the ip access-list command.
    • E、The entire access list must be deleted before editing.
    • F、They are applied with the ip name-group command.

    正确答案:A,C,D

  • 第7题:

    A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()

    • A、access-list 101 deny tcp 192.168.1.128 0.0.015 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
    • B、access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any
    • C、access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
    • D、access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
    • E、access-list 101 deny ip 192.168.1.128 0.0.0.240 192.158.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
    • F、access-list 101 deny ip 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any

    正确答案:A

  • 第8题:

    仅仅允许到主机1.1.1.1的SMTP邮件服务的命名访问控制列表语句是()。

    • A、ip access-list standard cisco permit smtp host 1.1.1.1
    • B、ip access-list extended cisco permit ip smtp host 1.1.1.1
    • C、ip access-list standard cisco permit tcp any host 1.1.1.1 eq smtp
    • D、ip access-list extended cisco permit tcp any host 1.1.1.1 eq smtp

    正确答案:D

  • 第9题:

    Which item represents the standard IP ACL?()

    • A、access-list 50 deny 192.168.1.10.0.0.255
    • B、access-list 110 permitip any any
    • C、access-list 2500 deny tcp any host 192.168.1.1eq22
    • D、access-list 101 deny tcp any host 192.168.1.1

    正确答案:A

  • 第10题:

    多选题
    Which of the following are characteristics of named access lists?()
    A

    Individual statements in a named access list may be deleted.

    B

    They require a numbered range from 1000 to 1099.

    C

    When created, they must be specified as standard or extended.

    D

    They are created with the ip access-list command.

    E

    The entire access list must be deleted before editing.

    F

    They are applied with the ip name-group command.


    正确答案: C,D
    解析: 暂无解析

  • 第11题:

    多选题
    你需要创建一个标准命名访问控制列表cisco用来拒绝主机172.16.198.94/19所在的子网,表示错误的有()。
    A

    ip access-list standard cisco deny 172.16.192.0 0.0.31.255

    B

    ip access-list standard cisco deny 172.16.0.0 0.0.255.255

    C

    ip access-list standard cisco deny 172.16.172.0 0.0.31.255

    D

    ip access-list standard cisco deny 172.16.188.0 0.0.15.255

    E

    ip access-list standard cisco deny 172.16.192.0 0.0.15.255


    正确答案: B,C
    解析: 暂无解析

  • 第12题:

    单选题
    创建一个标准命名访问控制列表cisco用来拒绝网络192.168.160.0到192.168.191.0内的主机,下面表达式正确的是()。
    A

    ip access-list standard cisco deny 192.168.160.0 255.255.240.0

    B

    ip access-list standard cisco deny 192.168.160.0 0.0.191.255

    C

    ip access-list standard cisco deny 192.168.160.0 0.0.31.255

    D

    ip access-list standard cisco deny 192.168.0.0 0.0.31.255


    正确答案: D
    解析: 暂无解析

  • 第13题:

    只封禁一台IP地址为203.168.47.59主机的access-list的正确配置是(41) 。

    A.access-list 110permit ip any any access-list 110deny ip host 203.168.47.59 any access-list 110deny ip any host 203.168.47.59

    B.access-list 110deny ip host 203.168.47.59any access-list 110deny ip any host 203.168.47.59 access-list 110permit ip any any

    C.access-list 110deny ip host 203.168.47.59 any access-list 110deny ip any host 203.168.47.59

    D.access-list 110deny ip host 203.168.47.59 any access-list 110permit ip any any access-list 110deny ip any host 203.168.47.59


    正确答案:B
    解析:访问控制列表(ACL)用于过滤流入和流出路由器接口的数据包。它是一种基于接口的控制列表,可根据网络管理员制订的访问控制准则来控制接口对数据包的接收和拒绝,具有包过滤功能,能做到限制网络流量、限制用户和设备对网络的访问,减少网络欺骗和拒绝服务,以提高网络的安全性。
      IP访问控制列表是一个连续的列表,至少由一个“permit(允许)”语句和一个或多个“deny(拒绝)”语句组成。ACL列表用名字(Name)或表号(Number)标识和引用。配置IP访问控制列表的首要任务就是使用命令“access-list”定义一个访问控制列表。在配置过滤规则时,需要注意的是ACL语句的顺序。因为路由器接口执行哪一条ACL是按照配置的访问控制列表中的条件语句(准则),从第1条开始顺序执行的。数据包只有在跟前一个判断条件不匹配时,才能被交给ACL中的下一个条件语句进行比较。可见, ACL语句的先后顺序非常重要。例如,只封禁一台地址为203.168.47.59主机的access-list的正确配置如下:
      access-list 110 deny ip host
      access-list 110 deny ip any host 203.168.47.59
      access-list 110 permit ip any any
      如果将“access-list 110 permit ip any any”放在ACL规则的最前面(见选项A),则其后两条deny语句将不起作用,即不能按照预期的应用需求正确地控制数据包的接收与拒绝。
      选项C的ACL规则中,缺少“permit(允许)”语句,它将封禁全网所有的通信。
      选项D的ACL规则,将封禁地址为203.168.47.59的主机对外的单向通信,允许其他主机或路由器访问203.168.47.59的主机。

  • 第14题:

    只封禁一台地址为192.168.1.230主机的access-list正确配置是 (5) 。 A.access-list 110 permit中anyany access-list 110 deny中host 192.168.1.230 any access-list 110 deny ip anyhost 192.168.1.230

    B.access-list 110 deny中host 192.168.1.230 any access-list 110 deny中any host 192.168.1.230 access-list 110 permit ip anyany

    C.access-list 110 deny ip host 192.168.1.230 any access-list 110 deny ip any host 192.168.1.230

    D.access-list 110 deny ip host 192.168.1.230 any access-list 110 permit ip anyany access-list 110 deny ip any host 192.168.1.230


    正确答案:(5) B
    (5) B 解析:访问控制列表(ACL)用于过滤流入和流出路由器接口的数据包。它是一种基于接口的控制列表,可根据网络管理员制定的访问控制准则来控制接口对数据包的接收和拒绝,从而提高网络的安全性。
    IP访问控制列表是一个连续的列表,至少由一个“permit(允许)”语句和一个或多个“deny(拒绝)”语句组成。ACL列表用名字(name)或表号(number)标识和引用。配置IP访问控制列表的首要任务就是使用命令“access-list”定义一个访问控制列表。在配置过滤规则时,需要注意的是ACL语句的顺序。因为路由器接口执行哪一条ACL是按照配置的访问控制列表中的条件语句(准则),从第1条开始按顺序执行的。数据包只有在跟前一个判断条件不匹配时,才能跟交给ACL的下一个条件语句进行比较。可见,ACL语句的先后顺序非常重要。例如,只封禁一台地址为192.168.1.230的主机的access-list正确配置示例如下:
    access-list 110 deny ip host 192.168.1.230 any
    access-list 110 deny ip any host192.168.1.230
    access-list 110 permit ip any any
    如果将“access-list 110 permit ip any any”放在ACL规则的最前面(见选项A),则其后两条deny语句将不起作用,即不能按照预期的应用需求正确地控制数据包的接收与拒绝。
    选项C的ACL规则中,缺少“permit(允许)”语句,它将封禁全网所有的通信。
    选项D的ACL规则将封禁地址为192.168.1.230的主机对外的单向通信,允许其他主机或路由器访问 192.168.1.230的主机。

  • 第15题:

    Which of the following answer choices are correct characteristics of named access list?()

    A. You can delete individual statements in a named access list

    B. Named access lists require a numbered range from 1000 to 1099.

    C. Named access lists must be specified as standard or extended.

    D. You can use the ip access-list command to create named access lists.

    E. You cannot delete individual statements in a named access list.

    F. You can use the ip name-group command to apply named access lists.


    参考答案:A, C, D

  • 第16题:

    Which item represents the standard IPACL?()

    A.access-list 50 deny 192.168.1.10.0.0.255

    B.access-list 110 permit ip any any

    C.access-list 2500 deny tcp any host 192.168.1.1 eq22

    D.access-list 101 deny tcp any host 192.168.1.1


    参考答案:A

  • 第17题:

    只封禁一台地址为193.62.40.230主机的access-list的正确配置是

    A.access-list 110 permit ip any any access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230

    B.access-list 110 deny ip host 193.62.40.230any access-list 110 deny ip any host 193.62.40.230 access-list 110 permit ip any any

    C.access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230

    D.access-list 110 deny ip host 193.62.40.230 any access-list 110 permit ip any any access-list 110 deny ip any host 193.62.40.230


    正确答案:B

  • 第18题:

    你需要创建一个标准命名访问控制列表cisco用来拒绝主机172.16.198.94/19所在的子网,表示错误的有()。

    • A、ip access-list standard cisco deny 172.16.192.0 0.0.31.255
    • B、ip access-list standard cisco deny 172.16.0.0 0.0.255.255
    • C、ip access-list standard cisco deny 172.16.172.0 0.0.31.255
    • D、ip access-list standard cisco deny 172.16.188.0 0.0.15.255
    • E、ip access-list standard cisco deny 172.16.192.0 0.0.15.255

    正确答案:B,C,D,E

  • 第19题:

    创建一个标准命名访问控制列表cisco用来拒绝网络192.168.160.0到192.168.191.0内的主机,下面表达式正确的是()。

    • A、ip access-list standard cisco deny 192.168.160.0 255.255.240.0
    • B、ip access-list standard cisco deny 192.168.160.0 0.0.191.255
    • C、ip access-list standard cisco deny 192.168.160.0 0.0.31.255
    • D、ip access-list standard cisco deny 192.168.0.0 0.0.31.255

    正确答案:C

  • 第20题:

    Which item represents the standard IP ACL?()

    • A、access-list 50 deny 192.168.1.1 0.0.0.255
    • B、access-list 110 permit ip any any
    • C、access-list 2500 deny tcp any host 192.168.1.1 eq 22
    • D、access-list 101 deny tcp any host 192.168.1.1

    正确答案:A

  • 第21题:

    单选题
    仅仅允许到主机1.1.1.1的SMTP邮件服务的命名访问控制列表语句是()。
    A

    ip access-list standard cisco permit smtp host 1.1.1.1

    B

    ip access-list extended cisco permit ip smtp host 1.1.1.1

    C

    ip access-list standard cisco permit tcp any host 1.1.1.1 eq smtp

    D

    ip access-list extended cisco permit tcp any host 1.1.1.1 eq smtp


    正确答案: B
    解析: 暂无解析

  • 第22题:

    单选题
    A standard IP access list is applied to an Ethernet interface of a router. What does this standard access list filter on?()
    A

    The source and destination addresses

    B

    The destination port number

    C

    The destination address

    D

    The source address

    E

    All of the above


    正确答案: D
    解析: 暂无解析

  • 第23题:

    多选题
    Which of the following answer choices are correct characteristics of named access list?()
    A

    You can delete individual statements in a named access list

    B

    Named access lists require a numbered range from 1000 to 1099.

    C

    Named access lists must be specified as standard or extended.

    D

    You can use the ip access-list command to create named access lists.

    E

    You cannot delete individual statements in a named access list.

    F

    You can use the ip name-group command to apply named access lists.


    正确答案: F,C
    解析: 暂无解析

相关内容