违法和不良信息举报 联系客服
免费注册 登录

A network administrator wants to

题目

A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5.What command should be issued to accomplish this task?()

  • A、access-list 101 deny tcp192.168.1.1280.0.0.15192.168.1.50.0.0.0eq23 access-list 101 permit ip any any
  • B、access-list 101 deny tcp192.168.1.1280.0.0.240192.168.1.50.0.0.0eq23 access-list101permit ip any any
  • C、access-list 1 deny tcp192.168.1.1280.0.0.255192.168.1.50.0.0.0eq21 access-list1permit ip any any
  • D、access-list 1 deny tcp192.168.1.1280.0.0.15host192.168.1.5eq23 access-list1permit ip any any
如果没有搜索结果或未解决您的问题,请直接 联系老师 获取答案。
相似问题和答案

第1题:

An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections.Which of the following MUST be deployed?()

A.IDS

B.IPS

C.Firewall

D.Managed PKI


参考答案:A

第2题:

An administrator wants to limit access of a wireless network without requiring authorized users toenter a password or network key.Which of the following methods would MOST likely be implemented on the wireless network?()

A. Disable SSID

B. WPA

C. MAC filtering

D. RAS


参考答案:A

第3题:

The Ezonexam network administrator wants to use a router named VE1 to segment the local network. What are some of the advantages of using VE1 to segment the network? (Choose two)

A. Routers generally cost less than switches

B. Filtering can occur based on Layer 3 information

C. Broadcasts are not forwarded across the router

D. Broadcasts are eliminated

E. Adding a router to the network decreases latency

F. Routers can generally support more LAN ports than switches


正确答案:BC
B,C

第4题:

An administrator has added a new device to a system and wants to determine if it has been correctly added to the ODM database. Which command would the system administrator use?()

  • A、odmget
  • B、odmadd
  • C、odmshow
  • D、odmcreate

正确答案:A

第5题:

A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?()

  • A、Logging detect fail-login
  • B、Login on-failure log
  • C、Login detect login-failure log
  • D、Logging login on-failure
  • E、none of the above

正确答案:B

第6题:

A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()

A. WEP encryption

B. Channel rotation

C. Disable SSID

D. WPA encryption


参考答案:D

第7题:

An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?()

A.netstat

B.traceroute

C.nbtstat

D.ping


参考答案:D

第8题:

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?

A. BPDU

B. Port security

C. RSTP

D. STP

E. VTP

F. Blocking mode


正确答案:B
B 解析:Explanation:
Understanding How Port Security Works:
You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Alternatively, you can use port security to filter traffic destined to or received from a specific host based on the host MAC address.

When a secure port receives a packet, the source MAC address of the packet is compared to the list of secure source addresses that were manually configured or autoconfigured (learned) on the port. If a MAC address of a device attached to the port differs from the list of secure addresses, the port either shuts down permanently (default mode), shuts down for the time you have specified, or drops incoming packets from the insecure host.

The port's behavior. depends on how you configure it to respond to a security violation. If a security violation occurs, the Link LED for that port turns orange, and a link-down trap is sent to the Simple Network Management Protocol (SNMP) manager. An SNMP trap is not sent if you configure the port for restrictive violation mode. A trap is sent only if you configure the port to shut down during a security violation.

第9题:

A network administrator needs to configure port security on a switch.which two statements are true?()

  • A、The network administrator can apply port security to dynamic access ports
  • B、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.
  • C、The sticky learning feature allows the addition of dynamically learned addresses to the runningconfiguration.
  • D、The network administrator can apply port security to EtherChannels.
  • E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

正确答案:C,E

第10题:

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()

  • A、BPDU
  • B、Port security
  • C、RSTP
  • D、STP
  • E、VTP
  • F、Blocking mode

正确答案:B

更多相关问题
相关内容