87. D. A named access control list (ACL) allows for removing and adding entries by their line
number. Standard and extended access lists require the entire ACL to be removed and
reconfigured if one entry needs to be removed. Dynamic access lists are special access lists
that are used with the condition of time or traffic and by default do not allow for
per-entry editing.
88. B. Once a successful login is performed at the router, the dynamic access control list
(ACL) is activated. This is also called lock and key security. Standard access lists can
execute actions based upon the condition of a source IP address only. Extended access
lists can execute actions based upon the condition of a source and destination IP address
as well as source and destination port numbers. Named access lists are nothing more than
standard or extended access lists and use a name in lieu of a specific number.
89. A. The statement access-list 20 deny 172.16.0.0 0.255.255.255 configures a
standard access list for two reasons: The first is that the access list number is 20, which
falls within the standard access list range of 1 to 99. The second reason is that you are
depicting traffic by source address. The command access-list 180 permit udp any
172.16.0.0 0.255.255.255 eq 161 is incorrect. The command access-list 130
permit permit ip any any is incorrect. The command access-list 150 deny any
172.16.0.0 0.255.255.255 is incorrect.
90. C. The command access-list 5 permit host 192.168.1.5 specifies the traffic
coming from the host 192.168.1.5. The statement access-list 5 permit 192.168.1.5
0.0.0.0 achieves the same thing. The command access-list 5 permit 192.168.1.5
is incorrect. The command access-list 5 permit 192.168.1.5/24 is incorrect. The
command access-list 5 permit 192.168.1.0 0.0.0.255 is incorrect.
91. B. The command access-list 101 deny tcp host 192.168.2.6 host 192.168.1.3
eq 80 denies access from the host 192.168.2.3 to the host 192.168.1.6 for port 80. The
next command, access-list 101 permit ip any any, allows all IP traffic from any
to any. With extended access lists, the protocol needs to be described. The commands
access-list 101 deny tcp host 192.168.2.6 host 192.168.1.3 eq 80 and
access-list 101 permit any any are incorrect. The commands access-list 101
deny host 192.168.2.6 host 192.168.1.3 eq 80 and access-list 101 permit
any any are incorrect. The commands access-list 101 deny tcp host 192.168.2.6
host 192.168.1.3 eq 80 and access-list 101 permit ip any any eq 80 are
incorrect.
92. D. Standard access lists only allow you to describe traffic by source address. This helps
the processing of the access list because the router or switch does not need to de-capsulate
packets further than layer 3. Extended access lists can execute actions based upon the
condition of a source and destination IP address as well as source and destination port
numbers. Named access lists are nothing more than standard or extended access lists that
use a name in lieu of a specific number. Dynamic access lists are ACLs that are triggered
by a specific traffic pattern or a time of day.
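
The wildcard-mask matching behind answers 89 and 90, as an added example that is not part of the original answer key: a small Python evaluator for standard (1 to 99) access lists. The function names, the sample lists and the permit any line in list 20 are constructed for illustration; the evaluator returns the first matching entry's action and falls back to the implicit deny that ends every IOS access list.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def ip_to_int(text):
    # Raises ValueError for anything that is not a dotted quad, e.g. 192.168.1.5/24
    return int(ipaddress.IPv4Address(text))

def parse_standard_entry(line):
    """Parse 'access-list N permit|deny <source>' where <source> is
    'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD'."""
    tokens = line.split()
    if len(tokens) < 4 or tokens[0] != "access-list":
        raise ValueError("not an access-list statement: " + line)
    number, action, source = int(tokens[1]), tokens[2], tokens[3:]
    if not 1 <= number <= 99:
        raise ValueError("list %d is outside the standard range 1 to 99" % number)
    if action not in ("permit", "deny"):
        raise ValueError("action must be permit or deny: " + line)
    if source == ["any"]:
        return action, 0, MASK32                 # every bit is "don't care"
    if len(source) == 2 and source[0] == "host":
        return action, ip_to_int(source[1]), 0   # same as wildcard 0.0.0.0
    if len(source) == 2:
        return action, ip_to_int(source[0]), ip_to_int(source[1])
    raise ValueError("unsupported source specification: " + line)

def evaluate(acl_lines, source_ip):
    """Return the action of the first entry that matches source_ip."""
    src = ip_to_int(source_ip)
    for line in acl_lines:
        action, addr, wildcard = parse_standard_entry(line)
        care = ~wildcard & MASK32                # wildcard bit 0 = must match
        if (src & care) == (addr & care):
            return action
    return "deny"                                # implicit deny ends the list

# Constructed sample lists built from the statements in answers 89 and 90.
ACL_5_HOST = ["access-list 5 permit host 192.168.1.5"]
ACL_5_WILDCARD = ["access-list 5 permit 192.168.1.5 0.0.0.0"]
ACL_20 = ["access-list 20 deny 172.16.0.0 0.255.255.255",
          "access-list 20 permit any"]           # second line added for the example

if __name__ == "__main__":
    for ip in ("192.168.1.5", "192.168.1.6"):
        print(ip, evaluate(ACL_5_HOST, ip), evaluate(ACL_5_WILDCARD, ip))
    # 0.255.255.255 ignores the last three octets, so all of 172.x.x.x is denied
    for ip in ("172.16.4.9", "172.200.1.1", "10.1.1.1"):
        print(ip, evaluate(ACL_20, ip))
```

Because the wildcard 0.255.255.255 marks the last three octets as "don't care", the deny entry in list 20 matches every source in 172.0.0.0 through 172.255.255.255, not only 172.16.x.x.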