网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
定义一个用于封禁ICMP协议而只允许转发166.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是( )。
A) access-list 198 permit icmp 166.129.130.0 255.255.255.0 any
access-list 198 deny icmp any any
access-list 198 permit ip any any
B) access-list 198 permit icmp 166.129.130.0 0.0.0 255 any
access-list 198 deny icmp any any
access-list 198 permit ip any any
C) access-list 99 permit icmp 166.129.130.0 0.0.0 255 any
access-list 99 deny icmp any any
access-list 99 permit ip any any
D) access-list 100 permit icmp 166.129.130.0 0.0.0 255 any
access-list 100 pernut ip any any
access-list 100 deny icmp any any
参考答案
更多 “ 定义一个用于封禁ICMP协议而只允许转发166.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是( )。A) access-list 198 permit icmp 166.129.130.0 255.255.255.0 anyaccess-list 198 deny icmp any anyaccess-list 198 permit ip any anyB) access-list 198 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 198 deny icmp any anyaccess-list 198 permit ip any anyC) access-list 99 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 99 deny icmp any anyaccess-list 99 permit ip any anyD) access-list 100 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 100 pernut ip any anyaccess-list 100 deny icmp any any ” 相关考题
考题
在Cisco路由器上,用扩展访问控制列表封禁IP地址为211.102.33.24的主机,正确的配置语句是______。A.access-list 99 deny ip host 211.102.33.24 any access-list 99 deny ip any host 211.102.33.24 access-list 99 permit ip any anyB.access-list 100 permit ip any any access-list 100 deny ip host 211.102.33.24 any access-list 100 deny ip any host 211.102.33.24C.access-list 199 deny ip host 211.102-33.24 any access-list 199 deny ip any host 211.102.33.24 access-list 199 permit ip any anyD.access-list 166 deny ip host 211.102.33.24 any access-list 166 permit ip any any
考题
拒绝转发所有IP地址进与出方向的、端口号为1434的UDP和端口号为4444的TCP数据包,下列正确的access-list配置是A)Router (config)#access-list 30 deny udp any any eq 1434Router (config)#access-list 30 deny tcp any any eq 4444Router (config)#access-list 30 permit ip any anyB)Router (config)#access-list 130 deny udp any any eq 1434Router (config)#access-list 130 deny tcp any any eq 4444Router (config)#access-list 130 permit ip any anyC)Router (config)#access-list 110 deny any any udp eq 1434Router (config)#access-list 110 deny any any tcp eq 4444Router (config)#access-list 110 permit ip any anyD)Router (config)#access-list 150 deny udp ep 1434 any anyRouter (config)#access-list 150 deny tcp ep 4444 any anyRouter (config)#access-list 150 permit ip any any
考题
定义一个用于封禁ICMP协议而只允许转发166.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是A.access-list 198 permit icmp 166.129.130.0 255.255.255.0 any access-list 198 deny icmp any any access-list 198 permit ip any anyB.access-list 198 permit icmp 166.129.130.0 0.0.0.255 any access-list 198 deny icmp any any access-list 198 permit ip any anyC.access-list 99 permit icmp 166.129.130:0 0.0.0.255 any access-list 99 deny icnip any any access-list 99 permit ip any anyD.access-list 100 permit icmp 166.129.130.0 0.0.0.255 any access-list 100 permit ip any any access-list 100 deny icmp any any
考题
( 22 )只封禁一台地址为 193.62.40.230 主机的 access-list 的正确配置是A ) access-list 110 permit ip any anyaccess-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230B ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230access-list 110 permit ip any anyC ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 deny ip any host 193.62.40.230D ) access-list 110 deny ip host 193.62.40.230 anyaccess-list 110 permit ip any anyaccess-list 110 deny ip any host 193.62.40.230
考题
在 Cisco 路由器匕用扩展访问控制列表封禁 1P 地址为 211.102.33.24 的主机,正确的配置语句是A )access-list 99 deny ip host 211.102.33.24 anyaccess-list 99 deny ip any host 211.102.33.24access-list 99 permit ip any anyB )access-list 100 permit ip any anyaccess-list 100 deny ip host 211.102.33.24 anyaccess-list 100 deny ip any host 211.102.33.24C )access-list 199 deny ip host 211.102.33.24 anyaccess-list 199 deny ip any host 211.102.33.24access-list 199 permit ip any anyD )access-list 166 deny ip host 211.102.33.24 anyaccess-list 166 permit ip any any
考题
( 22 )用 标准 访问控制列表禁止非法地址 192.168.0.0/16 的数据包进出路由器的正确配置是A ) access-list 110 deny 192.168.0.0 0.0.255.255access-list 110 permit anyB ) access-list 10 deny 192.168.0.0 255.255.0.0access-list 10 permit anyC ) access-list 50 permit anyaccess-list 50 deny 192.168.0.0 0.0.255.255D ) access-list 99 deny 192.168.0.0 0.0.255.255access-list 99 permit an
考题
用扩展访问控制列表配置封禁ICMP协议,只允许l68.27.95.0/24子网的ICMP数据包通过路由器,正确的配置是(61) 。A.access-list 90 deny icmp l68.27.95.0 255.255.255.0 any access-list 90 deny icmp any anyaccess—list 90 permit ip any anyB.access-list l00 permit icmp l68.27.95.0 0.0.0.255 any access-list l00 permit ip any anyC.access—list l l o permit icmp l68.27.95.0 255.255.255.0 any access—list l lo deny icmp any anyD.access-list l20 permit icmp l68.27.95.0 0.0.0.255 any access—list l20 deny icmp any any access—list l20 permit ip any any
考题
要禁止内网中IP地址为198.168.46.8的PC访问外网,正确的ACL规则是(11)。A.access-list 1 permit ip 192.168.46.00.0.0.255 any access-list 1 deny ip host 198.168.46.8 anyB.access-list 1 permit ip host 198.168.46.8 any access-list 1 deny ip 192.168.46.00.0.0.255 anyC.access-list 1 deny ip 192.168.46.00.0.0.255 any access-list 1 permit ip host 198.168.46.8 anyD.access-list 1 deny ip host 198.168.46.8 any access-list 1 permitip 192.168.46.00.0.0.255 any
考题
若要求路由器的某接口上只封禁ICMP协议,但允许159.67.183.0/24子网的ICMP数据包通过,那么使用的access-list命令是______。A.access-list 120 deny icmp 159.67.183.0 0.0.0.255 any access-list 120 permit ip any anyB.access-list 10 permit icmp 159.67.183.0 0.0.0.255 any access-list 10 deny icmp any any access-list 10 permit ip any anyC.access-list 99 permit icmp 159.67.183.0 0.0.0.255 any access-list 99 deny icmp any anyD.access-list 110 permit icmp 159.67.183.0 0.0.0.255 any access-list 110 deny icmp any any access-list 110 permit ip any any
考题
封禁ICMP协议,只转发212.78.170.166/27所在子网的所有站点的ICMP数据包,正确的access-list配置是______。A) Router(config)#access-list 110 permit icmp 212.78.170.166 0.0.0.0 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyB) Router(config)#access-list 110 permit icmp 212.78.170.0 255.255.255.224 anyRouter(config)#access-list 110 permit ip any anyRouter(config)#access-list 110 deny icmp any anyC) Router(config)#access-list 110 perimt iemp 212.78.170.0 0.0.0.255 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyD) Router(config)#access-list 110 permit icmp 212.78.170.160 0.0.0.31 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyA.B.C.D.
考题
ACL默认执行顺序是(5),在配置时要遵循(6)原则、最靠近受控对象原则、以及默认丢弃原则。(5)、(6)备选项(A)最大特权(B)最小特权(C)随机选取(D)自左到右(E)自上而下(F)自下而上=2.要禁止内网中IP地址为192.168.46.8的PC机访问外网,正确的ACL规则是(7).(A)access-list 1 permit ip 192.168.46.00.0.0.255 anyaccess-list 1 deny ip host 192.168.46.8 any(B)access-list 1 permit ip host 192.168.46.8 anyaccess-list 1 deny ip 192.168.46.00.0.0.255 any(C)access-list 1 deny ip 192.168.46.00.0.0.255 anyaccess-list 1 permit ip host 192.168.46.8 any(D)access-list 1 deny ip host 192.16.46.8 anyaccess-list 1 permit ip 192.168.46.00.0.0.255
考题
定义一个用于封禁ICMP协议而只允许转发l66.129.130.0/24子网的ICMP数据包的访问控制列表,Cisc0路由器的正确配置是( )。A.access-list 198 permit icmp 166.129.130.0 255.255.255.0 anyaccess-list 198 deny iemp any anyaccess-list 198 permit ip any anyB.access-list 198 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 198 deny iemp any anyaccess-list 198 permit ip any anyC.access-list 99 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 99 deny iemp any anyaccess-list 99 permit ip any anyD.access-list 100 permit icmp 166.129.130.0 0.0.0.255 anyaccess-list 100 permit ip any anyaccess-list 100 deny icmp any any
考题
在一台Cisco路由器的g3/1端口封禁端口号为139的TCP和端口号为1434的UDP连接,并封禁ICMP协议,只允许212.15.41.0/26子网的ICMP数据包通过路由器,正确的access-list配置是( )。
考题
在一台Cisco路由器的g3/1接口,封禁ICMP协议,只允许转发168.105.129.0/24子网的ICMP数据包,正确的访问控制列表的配置是( )。A.B.C.D.A.AB.BC.CD.D
考题
定义一个用于封禁ICMP协议而只允许转发l66.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是( )。A.B.C.D.A.AB.BC.CD.D
考题
只封禁一台地址为193.62.40.230主机的access-list的正确配置是A.access-list 110 permit ip any any access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230B.access-list 110 deny ip host 193.62.40.230any access-list 110 deny ip any host 193.62.40.230 access-list 110 permit ip any anyC.access-list 110 deny ip host 193.62.40.230 any access-list 110 deny ip any host 193.62.40.230D.access-list 110 deny ip host 193.62.40.230 any access-list 110 permit ip any any access-list 110 deny ip any host 193.62.40.230
考题
用标准访问控制列表禁止非法地址192.168.0.0/16的数据包进出路由器的正确配置是______。A.access-list 110 deny 192.168.0.0 0.0.255.255 access-list 110 permit anyB.access-list 10 deny 192.168.0.0 255.255.0.0 access-list 10 permit anyC.access-list 50 permit any access-list 50 deny 192.168.0.0 0.0.255.255D.access-list 99 deny 192.168.0.0 0.0.255.255 access-list 99 permit any
考题
用标准访问控制列表封禁非法地址192.168.0.0/16的数据包进出路由器的正确配置是A.access-list 110 deny 192.168.0.0 0.0.255.255 access-list 110 permit anyB.access-list 10 deny 192.168.0.0 255.255.0.0 access-list 10 permit anyC.access-list 50 permit any access-list 50 deny 192.168.0.0 0.0.255.255D.access-list 99 deny 192.168.0.0 0.0.255.255 access-list 99 permit any
考题
下面ACL语句中,表达“禁止外网和内网之间互相ping”的是( )。A.access-list 101 permit any any
B.access-list 101 permit icmp any any
C.access-list 101 deny any any
D.access-list 101 deny icmp any any
考题
计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()A、access-list 11 deny tcp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyB、access-list 111 deny tcp any 192.168.1.0 eq telnet/access-list 111 permit ip any anyC、access-list 111 deny udp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyD、access-list 111 deny tcp any 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
考题
要创建一个扩展命名访问控制列表cisco,仅允许HTTP流量进入网络196.15.7.0/24,下面命令是错误的有()。A、ip access-list extended cisco permit tcp any 196.15.7.0 0.0.0.255 eq wwwB、ip access-list extended cisco deny tcp any 196.15.7.0 eq wwwC、ip access-list extended cisco permit 196.15.7.0 0.0.0.255 eq wwwD、ip access-list extended cisco permit ip any 196.15.7.0 0.0.0.255E、ip access-list extended cisco permit www 196.15.7.0 0.0.0.255
考题
仅仅允许到主机1.1.1.1的SMTP邮件服务的命名访问控制列表语句是()。A、ip access-list standard cisco permit smtp host 1.1.1.1B、ip access-list extended cisco permit ip smtp host 1.1.1.1C、ip access-list standard cisco permit tcp any host 1.1.1.1 eq smtpD、ip access-list extended cisco permit tcp any host 1.1.1.1 eq smtp
考题
下面ACL语句中,表达“禁止外网和内网之间互相ping”的是 () 。 A、access-list 101 permit any anyB、access-list 101 permit icmp any anyC、access-list 101 deny any anyD、access-list 101 deny icmp any any
考题
单选题计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()A
access-list 11 deny tcp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyB
access-list 111 deny tcp any 192.168.1.0 eq telnet/access-list 111 permit ip any anyC
access-list 111 deny udp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyD
access-list 111 deny tcp any 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
考题
单选题在Cisco路由器上,用扩展访问控制列表封禁IP地址为211.102.33.24的主机,正确的配置语句是( )。A
access-list 99 deny ip host 211.102.33.24 anyaccess-list 99 deny ip any host 211.102.33.24access-list 99 permit ip any anyB
access-list 100 permit ip any anyaccess-list 100 deny ip host 211.102.33.24 anyaccess-list 100 deny ip any host 211.102.33.24C
access-list 199 deny ip host 211.102.33.24 anyaccess-list 199 deny ip any host 211.102.33.24access-list 199 permit ip any anyD
access-list l66 deny ip host 211.102.33.24 anyaccess-list 166 permit ip any any
考题
单选题下面ACL语句中,表达“禁止外网和内网之间互相ping”的是 () 。A
access-list 101 permit any anyB
access-list 101 permit icmp any anyC
access-list 101 deny any anyD
access-list 101 deny icmp any any
考题
多选题要创建一个扩展命名访问控制列表cisco,仅允许HTTP流量进入网络196.15.7.0/24,下面命令是错误的有()。Aip access-list extended cisco permit tcp any 196.15.7.0 0.0.0.255 eq wwwBip access-list extended cisco deny tcp any 196.15.7.0 eq wwwCip access-list extended cisco permit 196.15.7.0 0.0.0.255 eq wwwDip access-list extended cisco permit ip any 196.15.7.0 0.0.0.255Eip access-list extended cisco permit www 196.15.7.0 0.0.0.255
热门标签
最新试卷