多选题On the Hong Kong router an access list is needed that will accomplish the following:1. Allow a Telnet connection to the HR Server through the Internet2. Allow internet HTTP traffic to access the webserver3. Block any other traffic from the internet to

题目

多选题

On the Hong Kong router an access list is needed that will accomplish the following:1. Allow a Telnet connection to the HR Server through the Internet2. Allow internet HTTP traffic to access the webserver3. Block any other traffic from the internet to everything elseWhich of the following access list statements are capable of accomplishing thesethree goals?（）

access-list 101 permit tcp any 172.17.18.252 0.0.0.0 eq 80

access-list 1 permit tcp any 172.17.17.252 0.0.0.0 eq 23

access-list 101 permit tcp 172.17.17.252 0.0.0.0 any eq 23

access-list 101 deny tcp any 172.17.17.252 0.0.0.0 eq 23

access-list 101 deny tcp any 172.17.18.252 0.0.0.0 eq 80

access-list 101 permit tcp any 172.17.17.252 0.0.0.0 eq 23

如果没有搜索结果或未解决您的问题，请直接联系老师获取答案。

相似问题和答案

第1题：

用标准访问控制列表配置212.33.127.0/24子网主机登录到路由表，虚拟的配置是

A．Router(config)#access-list 10 permit 212.33.127.0 255.255.255.0 Router(config)#line vty 0 5 Router(config-line)#access-class 10 in

B．Router(config)#access-list 20 permit 212.33.127.0 0.0.0.255 Router(config)#line vty 0 5 Router(config-line)#access-class 20 in

C．Router(config)#access-list 99 permit 212.33.127.0 0.0.0.255 Router(config)#line vty 0 5 Router(config-line)#access-class 99 in

D．Router(config)#access-list 100 permit 212.33.127.0 0.0.0.255 Router(config)#line vty 0 5 Router(config-line)#access-class 100 in

正确答案：D

第2题：

22． When did Jackie Chan's parents move to Hong Kong?

A． They moved to Hong Kong a short time after Jackie Chan was born．

B． They moved to Hong Kong a short time before Jackie Chan was born．

C． They moved to Hong Kong after they came back from America．

D． They moved to Hong Kong after Jackie Chan studied in the China Drama Acade-my．

正确答案：B
22.B【解析】从第一段第二句可知．

第3题：

拒绝转发所有IP地址进与出方向的、端口号为1434的UDP和端口号为4444的TCP数据包，下列正确的access-list配置是

A）Router (config)#access-list 30 deny udp any any eq 1434

Router (config)#access-list 30 deny tcp any any eq 4444

Router (config)#access-list 30 permit ip any any

B）Router (config)#access-list 130 deny udp any any eq 1434

Router (config)#access-list 130 deny tcp any any eq 4444

Router (config)#access-list 130 permit ip any any

C）Router (config)#access-list 110 deny any any udp eq 1434

Router (config)#access-list 110 deny any any tcp eq 4444

Router (config)#access-list 110 permit ip any any

D）Router (config)#access-list 150 deny udp ep 1434 any any

Router (config)#access-list 150 deny tcp ep 4444 any any

Router (config)#access-list 150 permit ip any any

正确答案：A
A
解析：标准控制列表命令格式如下：
Router(config)#access-list access-list-number {permit or deny} protocol soure {soure-wildcard} log
注：access-list-number是访问控制列表号。permit是语句匹配时允许通过，deny是语句不匹配时，拒绝通过。soure是源IP地址，protocol 是值得数据包遵守的协议，也就是数据类型。soure-wildcard是通配符，log是可选项，生成有关分组匹配情况的日志消息，发到控制台。
题中
拒绝转发所有IP地址进与出方向的、端口号为1434的UDP数据包: deny udp any any eq 1434
拒绝转发所有IP地址进与出方向的、端口号为4444的TCP数据包: deny tcp any any eq 4444
允许其他端口和其他类型的数据包：permit ip any any

第4题：

Hong Kong Fashion Week(英译汉)

正确答案：香港时装节

第5题：

封禁ICMP协议，只转发212.78.170.166/27所在子网的所有站点的ICMP数据包，正确的access-list配置是______。

A) Router(config)#access-list 110 permit icmp 212.78.170.166 0.0.0.0 any

Router(config)#access-list 110 deny icmp any any

Router(config)#access-list 110 permit ip any any

B) Router(config)#access-list 110 permit icmp 212.78.170.0 255.255.255.224 any

Router(config)#access-list 110 permit ip any any

Router(config)#access-list 110 deny icmp any any

C) Router(config)#access-list 110 perimt iemp 212.78.170.0 0.0.0.255 any

Router(config)#access-list 110 deny icmp any any

Router(config)#access-list 110 permit ip any any

D) Router(config)#access-list 110 permit icmp 212.78.170.160 0.0.0.31 any

Router(config)#access-list 110 deny icmp any any

Router(config)#access-list 110 permit ip any any

A．

B．

C．

D．

正确答案：D

第6题：

● 将ACL应用到路由器接口的命令是（43）。

（43）A. Router(config-if)#ip access-group 10 out

B. Router(config-if)#apply access-list 10 out

C. Router(config-if)#fixup access-list 10 out

D. Router(config-if)#route access-group 10 out

正确答案：A
解析：ip acoess-group {list-id I list-name}{in I out}no ip access-group{list-id I list-name}{in I out}
把IP访问控制列表应用于接口上。使用no选项可取消访问列表和接口的关联

第7题：

用标准访问控制列表配置只允许212.33.127.0/24子网主机登录到路由表，正确的配置是______。

A．Router(config) #access-list 10 permit 212.33.127.0 255.255.255.0 Router(config) #line vty 0 5 Router(config-line) #access-class 10 in

B．Router(config) #access-list 20 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 20 out

C．Router(config) #access-list 99 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 99 in

D．Router(config) #access-list 100 permit 212.33.127.0 0.0.0.255 Router(config) #line vty 0 5 Router(config-line) #access-class 100 in

正确答案：C
解析：表号1～99用于标准访问控制列表，扩展访问控制列表的表号范围为100～199和2000～2699，D项不符合，并且通配符用32位二进制数表示，表示形式与IP地址和子网掩码相同，实际上就是子网掩码的反码，212.33.127.0/24的子网掩码为255.255.255.0，反码为0.0.0.255。因此选C。

第8题：

Cisco路由器执行show access-list命令显示如下一组信息 Standard IP access list block deny 10.0.0.0, wildcardbits 0.255.255.255 log deny 172.16.0.0, wildcard bits 0.15.255.255 permit any 根据上述信息，正确的access-list配置是

A．Router (config) #access-list standard block Router (config-std-nacl) #deny 10.0.0.0 255.0.0.0 log Router (config-std-nacl) #deny 172.16.0.0 255.240.0.0 Router (config-std-nacl) #permit any

B．Router (config) #ip access-list standard block Router (config-std-nacl) #permit any Router (config-std-nacl) #deny 10.0.0.0 0.255.255.255 log Router (config-std-nacl) #deny 172.16.0.0 0.15.255.255

C．Router (config) #ip access-list standard block Router (config-std-nacl) #deny 10.0.0.0 255.0.0.0 log Router (config-std-nacl) #deny 172.16.0.0 255.240.0.0 Router (config-std-nacl) #permit any

D．Router (config) #ip access-list standard block Router (config-std-nacl) #deny 10.0.0.0 0.255.255.255 log Router (config-std-nacl) #deny 172.16.0.0 0.15.255.255 Router (config-std-nacl) #permit any

正确答案：D

第9题：

Cisco路由器执行show access-list命令显示如下一组控制列表信息：

Standard IP acceSS list 30

deny 127.0.0.0，wildcard bits 0.255.255.255

deny 172.16.0.0，wiidcard bits 0.15.255.255

permft any

根据上述信息，正确的access-list配置是______。

A) Router(config)#access-list 30 deny 127.0.0.0 255.255.255.0

Router(config)#access-list 30 deny 172.16.0.0 255.240.0.0

Router(config)#access-list 30 permit any

B) Router(config-std-nacl)#access-list 30 deny 127.0.0.0 0.255.255.255

Router(config-std-nael)#access-list 30 deny 172.16.0.0 0.15.255.255

Router(config-std-nacl)#access-list 30 permit any

C) Router(config)#access-list 30 deny 127.0.0.0 0.255.255.255

Router(config)#access-list 30 deny 172.16.0.0 0.15.255.255

Router(config)#access-list 30 permit any

D) Router(config)#access-list 30 deny 127.0.0.0 0.255.255.255

Router(config)#access-list 30 permit any

Router(config)#access-list 30 deny 172.16.0.0 0.15.255.255

A．

B．

C．

D．

正确答案：C

第10题：

将ACL应用到路由器接口的命令是( )。

A．Router(config-if)#ip access-group 10 out

B．Router(eonfig-if)#apply access-list 10 out

C．Router(eonfig—if)#fixup aceess—list 10 out

D．Router(eonfig—if)#route attess—group 10 out

正确答案：A
解析：ip acoess-group {list-id I list-name}{in I out}no ip access-group{list-id I list-name}{in I out}
把IP访问控制列表应用于接口上。使用no选项可取消访问列表和接口的关联。

On the Hong Kong router an access list is needed that will a

题目

相似问题和答案

更多相关问题

相关内容