A network administrator wants to add a line to an access lis

题目
单选题
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()
A

access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any

B

access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any

C

access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any

D

access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any

如果没有搜索结果或未解决您的问题,请直接 联系老师 获取答案。
相似问题和答案

第1题:

A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()

A. WEP encryption

B. Channel rotation

C. Disable SSID

D. WPA encryption


参考答案:D

第2题:

An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?()

A.netstat

B.traceroute

C.nbtstat

D.ping


参考答案:D

第3题:

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?

A. BPDU

B. Port security

C. RSTP

D. STP

E. VTP

F. Blocking mode


正确答案:B
B 解析:Explanation:
Understanding How Port Security Works:
You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Alternatively, you can use port security to filter traffic destined to or received from a specific host based on the host MAC address.

When a secure port receives a packet, the source MAC address of the packet is compared to the list of secure source addresses that were manually configured or autoconfigured (learned) on the port. If a MAC address of a device attached to the port differs from the list of secure addresses, the port either shuts down permanently (default mode), shuts down for the time you have specified, or drops incoming packets from the insecure host.

The port's behavior. depends on how you configure it to respond to a security violation. If a security violation occurs, the Link LED for that port turns orange, and a link-down trap is sent to the Simple Network Management Protocol (SNMP) manager. An SNMP trap is not sent if you configure the port for restrictive violation mode. A trap is sent only if you configure the port to shut down during a security violation.

第4题:

A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5.What command should be issued to accomplish this task?()

  • A、access-list 101 deny tcp192.168.1.1280.0.0.15192.168.1.50.0.0.0eq23 access-list 101 permit ip any any
  • B、access-list 101 deny tcp192.168.1.1280.0.0.240192.168.1.50.0.0.0eq23 access-list101permit ip any any
  • C、access-list 1 deny tcp192.168.1.1280.0.0.255192.168.1.50.0.0.0eq21 access-list1permit ip any any
  • D、access-list 1 deny tcp192.168.1.1280.0.0.15host192.168.1.5eq23 access-list1permit ip any any

正确答案:A

第5题:

A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()

  • A、access-list 101 deny tcp 192.168.1.128 0.0.015 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
  • B、access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any
  • C、access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any any
  • D、access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
  • E、access-list 101 deny ip 192.168.1.128 0.0.0.240 192.158.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
  • F、access-list 101 deny ip 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any

正确答案:A

第6题:

An administrator wants to limit access of a wireless network without requiring authorized users toenter a password or network key.Which of the following methods would MOST likely be implemented on the wireless network?()

A. Disable SSID

B. WPA

C. MAC filtering

D. RAS


参考答案:A

第7题:

A customer wants to TFTP a new image from the corporate network to Flash on the Teleworker router through the IPSec tunnel. How should you configure the Teleworker router?()

  • A、No additional steps are required. 
  • B、Add the appropriate source-interface command. 
  • C、The router cannot access a server in the Enterprise Campus network. 
  • D、The Teleworker Router does not have any client applications; therefore this type of request is not possible.

正确答案:B

第8题:

An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections.Which of the following MUST be deployed?()

A.IDS

B.IPS

C.Firewall

D.Managed PKI


参考答案:A

第9题:

What are two reasons that a network administrator would use access lists (Choose two.)()。

  • A、to control vty access into a router
  • B、to control broadcast traffic through a router
  • C、to filter traffic as it passes through a router
  • D、to filter traffic that originates from the router
  • E、to replace passwords as a line of defense against security incursions

正确答案:A,C

第10题:

A user requests access to a new file share.The administrator adds the user to the group with the appropriate access.The user is still unable to access the share.Which of the following actions should the administrator do to resolve the permissions issue?()

  • A、Request the user to logoff and log back on.
  • B、Add the user as an administrator on their local machine.
  • C、Add the user as an administrator on the server.
  • D、Run an ipconfig /renew on the user’s machine.

正确答案:A

更多相关问题