CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
CCNA 3 Chapter 8 V4.0
1
Refer to the exhibit. A network administrator needs to add the command deny ip
10.0.0.0 0.255.255.255 any log to R3. After adding the command, the administrator
verifies the change using the show access-list command. What sequence number does
the new entry have?
0
10, and all other items are shifted down to the next sequence number
50
60 *****
2
Refer to the exhibit. What happens if the network administrator issues the commands
shown when an ACL called Managers already exists on the router?
The new commands overwrite the current Managers ACL.
The new commands are added to the end of the current Managers ACL. *****
The new commands are added to the beginning of the current Managers ACL.
An error appears stating that the ACL already exists.
3
Why are inbound ACLs more efficient for the router than outbound ACLs?
Inbound ACLs deny packets before routing lookups are required. *****
Inbound ACL operation requires less network bandwidth than outbound.
Inbound ACLs permit or deny packets to LANs, which are typically more efficient
than WANs.
Inbound ACLs are applied to Ethernet interfaces, while outbound ACLs are applied to
slower serial interfaces.
4
Refer to the exhibit. The network administrator of a company needs to configure the
router RTA to allow its business partner (Partner A) to access the web server located
in the internal network. The web server is assigned a private IP address, and a static
NAT is configured on the router for its public IP address. Finally, the administrator
adds the ACL. However, Partner A is denied access to the web server. What is the
cause of the problem?
Port 80 should be specified in the ACL. *****
The public IP address of the server, 209.165.201.5, should be specified as the
destination.
The ACL should be applied on the s0/0 outbound interface.
The source address should be specified as 198.133.219.0 255.255.255.0 in the ACL.
5
ACL logging generates what type of syslog message?
unstable network
warning
informational *****
critical situation
6
Which two host addresses are included in the range specified by 172.16.31.64
0.0.0.31? (Choose two.)
172.16.31.64
172.16.31.77 ****
172.16.31.78 ****
172.16.31.95
172.16.31.96
7
Traffic from the 64.104.48.0 to 64.104.63.255 range must be denied access to the
network. What wildcard mask would the network administrator configure in the
access list to cover this range?
0.0.15.255 *****
0.0.47.255
0.0.63.255
255.255.240.0
8
ACLs are used primarily to filter traffic. What are two additional uses of ACLs?
(Choose two.)
specifying source addresses for authentication
specifying internal hosts for NAT ****
identifying traffic for QoS ****
reorganizing traffic into VLANs
filtering VTP packets
9
What can an administrator do to ensure that ICMP DoS attacks from the outside are
mitigated as much as possible, without hampering connectivity tests initiated from the
inside out?
Create an access list permitting only echo reply and destination unreachable packets
from the outside. ****
Create an access list denying all ICMP traffic coming from the outside.
Permit ICMP traffic from only known external sources.
Create an access list with the established keyword at the end of the line.
10
What effect does the command reload in 30 have when entered into a router?
If a router process freezes, the router reloads automatically.
If a packet from a denied source attempts to enter an interface where an ACL is
applied, the router reloads in 30 minutes.
If a remote connection lasts for longer than 30 minutes, the router forces the remote
user off.
A router automatically reloads in 30 minutes. *****
11
Refer to the exhibit. The following commands were entered on RTB.
RTB(config)# access-list 4 deny 192.168.20.16 0.0.0.15
RTB(config)# access-list 4 permit any
RTB(config)# interface serial 0/0/0
RTB(config-if)# ip access-group 4 in
Which addresses do these commands block access to RTB?
192.168.20.17 to 192.168.20.31
192.168.20.16 to 192.168.20.31 ******
192.168.20.16 to 192.168.20.32
192.168.20.16 to 192.168.20.33
12
Refer to the exhibit. The new security policy for the company allows all IP traffic
from the Engineering LAN to the Internet while only web traffic from the Marketing
LAN is allowed to the Internet. Which ACL can be applied in the outbound direction
of Serial 0/1 on the Marketing router to implement the new security policy?
access-list 197 permit ip 192.0.2.0 0.0.0.255 any
access-list 197 permit ip 198.18.112.0 0.0.0.255 any eq www
access-list 165 permit ip 192.0.2.0 0.0.0.255 any
access-list 165 permit tcp 198.18.112.0 0.0.0.255 any eq www
access-list 165 permit ip any any
access-list 137 permit ip 192.0.2.0 0.0.0.255 any
access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www ******
access-list 89 permit 192.0.2.0 0.0.0.255 any
access-list 89 permit tcp 198.18.112.0 0.0.0.255 any eq www
13
Which three statements are true concerning standard and extended ACLs? (Choose
three.)
Extended ACLs are usually placed so that all packets go through the network and are
filtered at the destination.
Standard ACLs are usually placed so that all packets go through the network and are
filtered at the destination. ****
Extended ACLs filter based on source address only, and must be placed near the
destination if other traffic is to flow.
Standard ACLs filter based on source address only, and must be placed near the
destination if other traffic is to flow. ****
Extended ACLs filter with many possible factors, and they allow only desired packets
to pass through the network if placed near the source. ****
Standard ACLs filter with many possible factors, and they allow only desired packets
to pass through the network if placed near the source.
14
Refer to the exhibit. Company policy for the network that is shown indicates the
following guidelines:
1) All hosts on the 192.168.3.0/24 network, except host 192.168.3.77, should be able
to reach the 192.168.2.0/24 network.
2) All hosts on the 192.168.3.0/24 network should be able to reach the 192.168.1.0/24
network.
3) All other traffic originating from the 192.168.3.0 network should be denied.
Which set of ACL statements meets the stated requirements when they are applied to
the Fa0/0 interface of router R2 in the inbound direction?
access-list 101 deny ip any any
access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255 ********
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip any any
access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255
15
Hosts from the Limerick LAN are not allowed access to the Shannon LAN but should
be able to access the Internet. Which set of commands will create a standard ACL that
will apply to traffic on the Shannon router interface Fa0/0 implementing this security?
access-list 42 deny 172.19.123.0 0.0.0.255 192.0.2.0 0.0.0.255
access-list 42 permit any
access-list 56 deny 172.19.123.0 0.0.0.255 ****
access-list 56 permit any
access-list 61 deny 172.19.123.0 0.0.0.0
access-list 61 permit any
access-list 87 deny ip any 192.0.2.0 0.0.0.255
access-list 87 permit ip any
16
Refer to the exhibit. A network administrator needs to configure an access list that
will allow the management host with an IP address of 192.168.10.25/24 to be the only
host to remotely access and configure router RTA. All vty and enable passwords are
configured on the router. Which group of commands will accomplish this task?
Router(config)# access-list 101 permit tcp any 192.168.10.25 0.0.0.0 eq telnet
Router(config)# access-list 101 deny ip any any ******
Router(config)# int s0/0
Router(config-if)# ip access-group 101 in
Router(config-if)# int fa0/0
Router(config-if)# ip access-group 101 in
Router(config)# access-list 10 permit 192.168.10.25 eq telnet
Router(config)# access-list 10 deny any
Router(config)# line vty 0 4
Router(config-line)# access-group 10 in
Router(config)# access-list 86 permit host 192.168.10.25
Router(config)# line vty 0 4
Router(config-line)# access-class 86 in
Router(config)# access-list 125 permit tcp 192.168.10.25 any eq telnet
Router(config)# access-list 125 deny ip any any
Router(config)# int s0/0
Router(config-if)# ip access-group 125 in
17
Which ACL permits host 10.220.158.10 access to the web server 192.168.3.244?
access-list 101 permit tcp host 10.220.158.10 eq 80 host 192.168.3.224
access-list 101 permit tcp 10.220.158.10 0.0.0.0 host 192.168.3.224 0.0.0.0 eq 80
access-list 101 permit host 10.220.158.10 0.0.0.0 host 192.168.3.224 0.0.0.0 eq 80
access-list 101 permit tcp 10.220.158.10 0.0.0.0 host 192.168.3.224 eq 80 *****
18
Which wildcard mask would match the host range for the subnet 192.16.5.32 /27?
0.0.0.32
0.0.0.63
0.0.63.255
0.0.0.31 *****
19
A security administrator wants to secure password exchanges on the vty lines on all
routers in the enterprise. What option should be implemented to ensure that passwords
are not sent in clear text across the public network?
Use Telnet with an authentication server to ensure effective authentication.
Apply an access list on the router interfaces to allow only authorized computers.
Apply an access list on the vty line to allow only authorized computers.
Use only Secure Shell (SSH) on the vty lines. *****
20
Refer to the exhibit. An administrator notes a significant increase in the amount of
traffic entering the network from the ISP. The administrator clears the access-list
counters. After a few minutes, the administrator again checks the access-list table.
What can be concluded from the most recent output shown?
A small amount of HTTP traffic is an indication that the web server was not
configured correctly.
A larger amount of POP3 traffic (compared with SMTP traffic) indicates that there
are more POP3 email clients than SMTP clients in the enterprise.
A large amount of ICMP traffic is being denied at the interface, which can be an
indication of a DoS attack. *****
A larger amount of email traffic (compared with web traffic) is an indication that
attackers mainly targeted the email server.
