单选题How would an administrator configure a VIO server to deny rsh connections from IP address 192.168.16.109?（）A chnetsvc rsh -o deny=192.168.16.109 B chtcpip -s rsh -o deny=192.168.16.109 C cfgsec -level high -deny port=514 -address 192.168.16.109D viosecure -firewall deny -port 514 -address 192.168.16.109

考题只封禁一台地址为193．62．40．230主机的access—list的正确配置是——。A．access—list 110 permit ip any any access—list 110 deny ip host 193．62．40．230 any access—list 1 10 deny ip any host 193．62．40．230B．access—list 110 denv ip host 193．62．40．230 any access—list 110 deny ip any host 193．62．40．230 access—-list 110 permit ip any anyC．access—list 110 deny ip host 193．62．40．230 any aCCeSS—list 110 deny ip any host 193．62．40．230D．access—list 110 deny ip host 193．62．40．230 any access—list 110 permit ip any any access—list 110 deny ip any host 193．62．40．230

查看答案

考题 The Ezonexam network administrator wants to ensure that only a single web server can connect to pot Fa0/1 on a catalyst switch. The server is plugged into the switch's Fast Eth. 0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of this server is allowed by switch port Fa0/1? (Choose two)A．Configure port Fa0/1 to accept connections only from the static IP address of the serverB．Configure the MAC address of the server as a static entry associated with port Fa0/1C．Employ a proprietary connector type on Fa0/1 that is incomputable with other host connectorsD．Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the serverE．Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address

查看答案

考题标准IP访问控制列表的基本格式为access-list[1ist number][permit|deny][host/any][sourceaddress][wild-card-mask][log]，请填写其参数描述。a、list number…………………………………… ______b、permit/deny………………………………… ______c、source address……………………………… ______d、host/any…………………………………… ______e、windcad-mask……………………………… ______

查看答案

考题 A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone.Which configuration statement would correctly accomplish this task?（）A. from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C. from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D. from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

查看答案

考题 HowwouldanadministratorconfigureaVIOservertodenyrshconnectionsfromIPaddress192.168.16.109?() A.chnetsvcrsh-odeny=192.168.16.109B.chtcpip-srsh-odeny=192.168.16.109C.cfgsec-levelhigh-denyport=514-address192.168.16.109D.viosecure-firewalldeny-port514-address192.168.16.109

查看答案

考题 R1 has correctly configured EIGRP to filter routes using a route map named question. The configuration that follows shows the entire route map and related configuration. Which of the following is true regarding the filtering action on prefix 10.10.10.0/24 in this case?（）route - map question deny 10match ip address 1route - map question permit 20match ip address prefix- list fred!access - list 1 deny 10.10.10.0 0.0.0.255ip prefix - list fred permit 10.10.10.0/23 le 25A. It will be filtered due to the deny action in route map clause 10B. It will be allowed because of the double negative (two deny references) in clause 10C. It will be permitted due to matching clause 20‘s reference to prefix - list freDD. It will be filtered due to matching the implied deny all route map clause at the end of the route map

查看答案

考题 Refer to the exhibit. A new TAC engineer comes to you for advice. The engineer wants to configure RIPv2 - OSPF two - way redistribution while avoiding routing loops. Which two additio ns to the router B1 configuration should the engineer make?（）A. access - list 40 deny 172.16.1.0 0.0.0.255 access - list 40 permit any router rip redistribute ospf 100 metric 5 distribute- list 40 out ospf 100B. ip prefix - list rip_routes permit 172. 16.1.16/25 ge 26 le 28 route - map redis - ospf deny 10 match ip address prefix- list rip_routes router rip redistribute ospf 10 route - map redis - ospf subnetsC. ip prefix - list rip - to - ospf permit 10.1.1.8/25 ge 26 le 28 route - map redis - rip deny 20 match i p address prefix - list rip - to - ospf router ospf 100 redistribute rip route - map redis - rip subnetsD. access - list 15 deny 10.1.1.0 0.0.0.63 access - list 15 permit any route - map redis - rip deny 10 match ip address 15 route - map redis - rip permit 20 router os pf 100 redistribute rip route - map redis - rip subnets

查看答案

考题 Which of the following access list statements would deny traffic from a specifichost?() A. Router(config)# access-list 1 deny 172.31.212.74 anyB. Router(config)# access-list 1 deny 10.6.111.48 hostC. Router(config)# access-list 1 deny 172.16.4.13 0.0.0.0D. Router(config)# access-list 1 deny 192.168.14.132 255.255.255.0E. Router(config)# access-list 1 deny 192.168.166.127 255.255.255.255

查看答案

考题 A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?（）A. Configure port Fa0/1 to accept connections only from the static IP address of the server.B. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.C. Configure the MAC address of the server as a static entry associated with port Fa0/1.D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.E. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.F. Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

查看答案

考题 An access list has been designed to prevent HTTP traffic from the Accounting Department from reaching the HR server attached to the Holyoke router. Which of the following access lists will accomplish this task when grouped with the e0 interface on the Chicopee router（）。A. permit ip any any deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80B. permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80C. deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any anyD. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any

查看答案

考题根据下图,该access list被配置在路由器RTB的S0／0接口上的OUT方向,哪两个数据包会被DENY,如果被路由到该接口上的话?() A.source ip address：192.168.15.5 destination port：21B.source ip address：192.168.15.37 destination port：21C.ssource ip address192.168.15.41 destination port：21D.source ip address：192.168.15.36 destination port：23E.source ip address：192.168.15.46 destination port：23F.source ip address：192.168.15.49 destination port：23

查看答案

考题只封禁一台地址为193.62.40.230主机的access-list的正确配置是A．access-list 110 permit ip any any access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230B．access-list 110 deny ip host 193.62.40.230any access-list 110 deny ip any host 193.62.40.230 access-list 110 permit ip any anyC．access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230D．access-list 110 deny ip host 193.62.40.230 any access-list 110 permit ip any any access-list 110 deny ip any host 193.62.40.230

查看答案

考题 Which one of the access control list statements below will deny all telnet connections to subnet 10.10.1.0/24?（）A、access-list 15 deny telnet any 10.10.1.0 0.0.0.255 eq 23B、access-list 115 deny udp any 10.10.1.0 eq telnetC、access-list 15 deny tcp 10.10.1.0 255.255.255.0 eq telnetD、access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23E、access-list 15 deny udp any 10.10.1.0 255.255.255.0 eq 23

查看答案

考题 Which of the following access list statements would deny traffic from a specifichost?（）A、Router(config)# access-list 1 deny 172.31.212.74 anyB、Router(config)# access-list 1 deny 10.6.111.48 hostC、Router(config)# access-list 1 deny 172.16.4.13 0.0.0.0D、Router(config)# access-list 1 deny 192.168.14.132 255.255.255.0E、Router(config)# access-list 1 deny 192.168.166.127 255.255.255.255

查看答案

考题 In Windows server permissions， an implicit deny：（）A、denies all accounts except an administrator account.B、will always result in a deny.C、will be overridden by an explicit allow.D、will lock the account out of the server.

查看答案

考题 A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?（）A、from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C、from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D、from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

查看答案

考题 Apache服务器对目录的默认访问控制是什么？（）A、“Deny” from “All”B、Order Deny，“All”C、Order Deny，AllowD、“Allow” from“ All”

查看答案

考题 How would an administrator configure a VIO server to deny rsh connections from IP address 192.168.16.109?（）A、chnetsvc rsh -o deny=192.168.16.109 B、chtcpip -s rsh -o deny=192.168.16.109 C、cfgsec -level high -deny port=514 -address 192.168.16.109D、viosecure -firewall deny -port 514 -address 192.168.16.109

查看答案

考题多选题A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1 (Choose two.)（）。AConfigure port Fa0/1 to accept connections only from the static IP address of the server.BEmploy a proprietary connector type on Fa0/1 that is incompatible with other host connectors.CConfigure the MAC address of the server as a static entry associated with port Fa0/1.DBind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.EConfigure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.FConfigure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

查看答案

考题单选题How would an administrator configure a VIO server to deny rsh connections from IP address 192.168.16.109?（）A chnetsvc rsh -o deny=192.168.16.109 B chtcpip -s rsh -o deny=192.168.16.109 C cfgsec -level high -deny port=514 -address 192.168.16.109D viosecure -firewall deny -port 514 -address 192.168.16.109

查看答案

考题单选题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in a zone called UNTRUST to the address book entry Server in a zone called TRUST. However, the administrator does not want the server to be able to initiate any type of traffic from the TRUST zone to the UNTRUST zone. Which configuration statement would correctly accomplish this task?（）A from-zone UNTRUST to-zone TRUST { policy DenyServer { match { source-address any; destination-address any; application any; } then { deny; } } } from-zone TRUST to-zone UNTRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }B from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then {deny; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }C from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match { source-address the10net; destination-address Server; application junos-ftp; } then { permit; } } }D from-zone TRUST to-zone UNTRUST { policy DenyServer { match { source-address Server; destination-address any; application any; } then { permit; } } } from-zone UNTRUST to-zone TRUST { policy AllowTelnetin { match {source-address the10net; destination-address Server; application junos-telnet; } then { permit; } } }

查看答案

考题单选题R1 has correctly configured EIGRP to filter routes using a route map named question. The configuration that follows shows the entire route map and related configuration. Which of the following is true regarding the filtering action on prefix 10.10.10.0/24 in this case?（） route - map question deny 10 match ip address 1 route - map question permit 20 match ip address prefix- list fred ! access - list 1 deny 10.10.10.0 0.0.0.255 ip prefix - list fred permit 10.10.10.0/23 le 25A It will be filtered due to the deny action in route map clause 10B It will be allowed because of the double negative (two deny references) in clause 10C It will be permitted due to matching clause 20's reference to prefix - list freDD It will be filtered due to matching the implied deny all route map clause at the end of the route map

查看答案

考题单选题A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?（）A access-list 101 deny tcp 192.168.1.128 0.0.015 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyB access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any anyC access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any anyD access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyE access-list 101 deny ip 192.168.1.128 0.0.0.240 192.158.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyF access-list 101 deny ip 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any

查看答案

考题单选题In Windows server permissions， an implicit deny：（）A denies all accounts except an administrator account.B will always result in a deny.C will be overridden by an explicit allow.D will lock the account out of the server.

查看答案

考题单选题Router R1 refers to route - map fred when redistributing from EIGRP into OSPF. The entire route - map is listed next. Which of the following answers must be true based on the configuration as shown?（） route - map fred deny 10 match ip address one route - map fred deny 20 match ip address two route - map fred permit 100A The third route map clause will allow any routes not already filtered by the first two clausesB R outes permitted by ACL two will be redistributedC Routes denied by ACL one will be redistributedD All routes will be filtereD

查看答案

考题单选题Which of the following access list statements would deny traffic from a specifichost?（）A Router(config)# access-list 1 deny 172.31.212.74 anyB Router(config)# access-list 1 deny 10.6.111.48 hostC Router(config)# access-list 1 deny 172.16.4.13 0.0.0.0D Router(config)# access-list 1 deny 192.168.14.132 255.255.255.0E Router(config)# access-list 1 deny 192.168.166.127 255.255.255.255

查看答案

考题单选题Which one of the access control list statements below will deny all telnet connections to subnet 10.10.1.0/24?（）A access-list 15 deny telnet any 10.10.1.0 0.0.0.255 eq 23B access-list 115 deny udp any 10.10.1.0 eq telnetC access-list 15 deny tcp 10.10.1.0 255.255.255.0 eq telnetD access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23E access-list 15 deny udp any 10.10.1.0 255.255.255.0 eq 23

查看答案

考题多选题A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1?（）AConfigure port Fa0/1 to accept connections only from the static IP address of the server.BEmploy a proprietary connector type on Fa0/1 that is incompatible with other host connectors.CConfigure the MAC address of the server as a static entry associated with port Fa0/1.DBind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.EConfigure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.FConfigure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

查看答案

网友您好， 请在下方输入框内输入要搜索的题目：

网友您好，请在下方输入框内输入要搜索的题目：