网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
访问列表如下:access-list 4 deny 202.38.0.00.0.255.255access-list 4 permit 202.38.160.10.0.0.255应用于该路由器的配置如下:Quidway(config)firew all default permitQuidway(config-if-Serical0)ipaccess-group 4 in该路由器E0口接本地局域网,S0口接到Internet,以下说法正确的有:()
A.所有的外部数据包都可以通过S口,自由出入本地局域网
B.内部主机可以任意访问外部任何地址的主机
C.内部主机不可以访问本列表禁止的外部地址的主机
D.连在该路由器其他端口的主机可任意访问内部网资源
参考答案
更多 “ 访问列表如下:access-list 4 deny 202.38.0.00.0.255.255access-list 4 permit 202.38.160.10.0.0.255应用于该路由器的配置如下:Quidway(config)firew all default permitQuidway(config-if-Serical0)ipaccess-group 4 in该路由器E0口接本地局域网,S0口接到Internet,以下说法正确的有:()A.所有的外部数据包都可以通过S口,自由出入本地局域网B.内部主机可以任意访问外部任何地址的主机C.内部主机不可以访问本列表禁止的外部地址的主机D.连在该路由器其他端口的主机可任意访问内部网资源 ” 相关考题
考题
(22)下面的访问控制列表中,()禁止所有TELNET访问子网10.10.1.0/24。A)access-list 15 deny udp any 10.10.1.0 255.255 255.0 eq 23B) access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23C)access-list 115 deny udp any 10.10.1.0 eq telnetD)access-list 15 deny telnet any 10.10.1.0 0.0.0.255 eq 23
考题
定义一个用于封禁ICMP协议而只允许转发166.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是( )。A) access-list 198 permit icmp 166.129.130.0 255.255.255.0 anyaccess-list 198 deny icmp any anyaccess-list 198 permit ip any anyB) access-list 198 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 198 deny icmp any anyaccess-list 198 permit ip any anyC) access-list 99 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 99 deny icmp any anyaccess-list 99 permit ip any anyD) access-list 100 permit icmp 166.129.130.0 0.0.0 255 anyaccess-list 100 pernut ip any anyaccess-list 100 deny icmp any any
考题
在Cisco路由器上,用扩展访问控制列表封禁IP地址为211.102.33.24的主机,正确的配置语句是______。A.access-list 99 deny ip host 211.102.33.24 any access-list 99 deny ip any host 211.102.33.24 access-list 99 permit ip any anyB.access-list 100 permit ip any any access-list 100 deny ip host 211.102.33.24 any access-list 100 deny ip any host 211.102.33.24C.access-list 199 deny ip host 211.102-33.24 any access-list 199 deny ip any host 211.102.33.24 access-list 199 permit ip any anyD.access-list 166 deny ip host 211.102.33.24 any access-list 166 permit ip any any
考题
定义一个用于封禁ICMP协议而只允许转发166.129.130.0/24子网的ICMP数据包的访问控制列表,Cisco路由器的正确配置是A.access-list 198 permit icmp 166.129.130.0 255.255.255.0 any access-list 198 deny icmp any any access-list 198 permit ip any anyB.access-list 198 permit icmp 166.129.130.0 0.0.0.255 any access-list 198 deny icmp any any access-list 198 permit ip any anyC.access-list 99 permit icmp 166.129.130:0 0.0.0.255 any access-list 99 deny icnip any any access-list 99 permit ip any anyD.access-list 100 permit icmp 166.129.130.0 0.0.0.255 any access-list 100 permit ip any any access-list 100 deny icmp any any
考题
在 Cisco 路由器匕用扩展访问控制列表封禁 1P 地址为 211.102.33.24 的主机,正确的配置语句是A )access-list 99 deny ip host 211.102.33.24 anyaccess-list 99 deny ip any host 211.102.33.24access-list 99 permit ip any anyB )access-list 100 permit ip any anyaccess-list 100 deny ip host 211.102.33.24 anyaccess-list 100 deny ip any host 211.102.33.24C )access-list 199 deny ip host 211.102.33.24 anyaccess-list 199 deny ip any host 211.102.33.24access-list 199 permit ip any anyD )access-list 166 deny ip host 211.102.33.24 anyaccess-list 166 permit ip any any
考题
( 22 )用 标准 访问控制列表禁止非法地址 192.168.0.0/16 的数据包进出路由器的正确配置是A ) access-list 110 deny 192.168.0.0 0.0.255.255access-list 110 permit anyB ) access-list 10 deny 192.168.0.0 255.255.0.0access-list 10 permit anyC ) access-list 50 permit anyaccess-list 50 deny 192.168.0.0 0.0.255.255D ) access-list 99 deny 192.168.0.0 0.0.255.255access-list 99 permit an
考题
要禁止内网中IP地址为198.168.46.8的PC访问外网,正确的ACL规则是(11)。A.access-list 1 permit ip 192.168.46.00.0.0.255 any access-list 1 deny ip host 198.168.46.8 anyB.access-list 1 permit ip host 198.168.46.8 any access-list 1 deny ip 192.168.46.00.0.0.255 anyC.access-list 1 deny ip 192.168.46.00.0.0.255 any access-list 1 permit ip host 198.168.46.8 anyD.access-list 1 deny ip host 198.168.46.8 any access-list 1 permitip 192.168.46.00.0.0.255 any
考题
若要求路由器的某接口上只封禁ICMP协议,但允许159.67.183.0/24子网的ICMP数据包通过,那么使用的access-list命令是______。A.access-list 120 deny icmp 159.67.183.0 0.0.0.255 any access-list 120 permit ip any anyB.access-list 10 permit icmp 159.67.183.0 0.0.0.255 any access-list 10 deny icmp any any access-list 10 permit ip any anyC.access-list 99 permit icmp 159.67.183.0 0.0.0.255 any access-list 99 deny icmp any anyD.access-list 110 permit icmp 159.67.183.0 0.0.0.255 any access-list 110 deny icmp any any access-list 110 permit ip any any
考题
封禁ICMP协议,只转发212.78.170.166/27所在子网的所有站点的ICMP数据包,正确的access-list配置是______。A) Router(config)#access-list 110 permit icmp 212.78.170.166 0.0.0.0 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyB) Router(config)#access-list 110 permit icmp 212.78.170.0 255.255.255.224 anyRouter(config)#access-list 110 permit ip any anyRouter(config)#access-list 110 deny icmp any anyC) Router(config)#access-list 110 perimt iemp 212.78.170.0 0.0.0.255 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyD) Router(config)#access-list 110 permit icmp 212.78.170.160 0.0.0.31 anyRouter(config)#access-list 110 deny icmp any anyRouter(config)#access-list 110 permit ip any anyA.B.C.D.
考题
Cisco路由器执行show access-list命令显示如下一组控制列表信息:Standard IP acceSS list 30deny 127.0.0.0,wildcard bits 0.255.255.255deny 172.16.0.0,wiidcard bits 0.15.255.255permft any根据上述信息,正确的access-list配置是______。A) Router(config)#access-list 30 deny 127.0.0.0 255.255.255.0Router(config)#access-list 30 deny 172.16.0.0 255.240.0.0Router(config)#access-list 30 permit anyB) Router(config-std-nacl)#access-list 30 deny 127.0.0.0 0.255.255.255Router(config-std-nael)#access-list 30 deny 172.16.0.0 0.15.255.255Router(config-std-nacl)#access-list 30 permit anyC) Router(config)#access-list 30 deny 127.0.0.0 0.255.255.255Router(config)#access-list 30 deny 172.16.0.0 0.15.255.255Router(config)#access-list 30 permit anyD) Router(config)#access-list 30 deny 127.0.0.0 0.255.255.255Router(config)#access-list 30 permit anyRouter(config)#access-list 30 deny 172.16.0.0 0.15.255.255A.B.C.D.
考题
标准IP访问控制列表的基本格式为access-list[list number] [permit | deny] [host/any] [sourceaddress] [wildcard-mask][log],请填写其参数描述。a. list number .......................................... [11]b. permit/deny ....................................... [12]c. s
考题
只封禁一台地址为192.168.1.230主机的access-list正确配置是 (5) 。 A.access-list 110 permit中anyany access-list 110 deny中host 192.168.1.230 any access-list 110 deny ip anyhost 192.168.1.230B.access-list 110 deny中host 192.168.1.230 any access-list 110 deny中any host 192.168.1.230 access-list 110 permit ip anyanyC.access-list 110 deny ip host 192.168.1.230 any access-list 110 deny ip any host 192.168.1.230D.access-list 110 deny ip host 192.168.1.230 any access-list 110 permit ip anyany access-list 110 deny ip any host 192.168.1.230
考题
为了过滤数据包,需要配置访问控制列表(ACL),规定什么样的数据包可以通过,什么样的数据包不能通过。ACL规则由多条permit或deny语句组成,语句的匹配顺序是从上到下。语句access-list 1 deny any any的含义是(4),该语句一般位于ACL规则的最后。语句access-list 100 permit tcp any host222.134.135.99eq ftp的含义是(5)。
考题
标准IP访问控制列表的基本格式为access-list[1ist number][permit|deny][host/any][sourceaddress][wild-card-mask][log],请填写其参数描述。a、list number…………………………………… ______b、permit/deny………………………………… ______c、source address……………………………… ______d、host/any…………………………………… ______e、windcad-mask……………………………… ______
考题
下面 ACL 语句中,准备表达“允许访问服务器 202.110.10.1 的 WWW 服务”的是()。
A. access-list 101 permit any 202.110.10.1
B. access-list 101 permit tcp any host 202.110.10.1 eq www
C. access-list 101 deny any 202.110.10.1
D. access-list 101 deny tcp any host 202.110.10.1 eq www
考题
下面格式是正确的标准访问控制列表有()。A、access-list standard 172.16.4.13B、access-list 2 deny 172.16.4.13 0.0.0.0C、access-list 101 deny 172.16.4.13 0.0.0.0D、access-list 199 deny 172.16.4.13 255.255.255.255
考题
计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()A、access-list 11 deny tcp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyB、access-list 111 deny tcp any 192.168.1.0 eq telnet/access-list 111 permit ip any anyC、access-list 111 deny udp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyD、access-list 111 deny tcp any 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
考题
你需要创建一个标准访问控制列表用来拒绝主机172.16.198.94/19所在的子网,表示错误的有()。A、access-list 10 deny 172.16.192.00.0.31.255B、access-list 10 deny 172.16.0.00.0.255.255C、access-list 10 deny 172.16.172.00.0.31.255D、access-list 10 deny 172.16.188.00.0.15.255E、access-list 10 deny 172.16.192.00.0.15.255
考题
下列选项中哪一条可以准确的匹配并代替以下四条访问控制列表() (1):access-list 10 permit172.29.16.00.0.0.255 (2):access-list 10 permit172.29.17.00.0.0.255 (3):access-lis t10 permit172.29.18.00.0.0.255 (4):access-list 10 permit172.29.19.00.0.0.255A、access-list 10 permit 172.29.16.00.0.0.255B、access-list 10 permit 172.29.16.00.0.1.255C、access-list 10 permit 172.29.16.00.0.3.255D、access-list 10 permit 172.29.16.00.0.15.255E、access-list 10 permit 172.29.16.0255.255.252.0
考题
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()A、access-list 101 deny tcp 192.168.1.128 0.0.015 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyB、access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any anyC、access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any anyD、access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyE、access-list 101 deny ip 192.168.1.128 0.0.0.240 192.158.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyF、access-list 101 deny ip 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any any
考题
某台路由器上配置了如下一条访问列表access-list 4 deny 202.38.0.00.0.255.255access-list 4 permit 202.38.160.10.0.0.255表示:()A、只禁止源地址为202.38.0.0网段的所有访问B、只允许目的地址为202.38.0.0网段的所有访问C、检查源IP地址,禁止202.38.0.0大网段的主机,但允许其中的202.38.160.0小网段上的主机D、检查目的IP地址,禁止202.38.0.0大网段的主机,但允许其中的202.38.160.0小网段上的主机
考题
访问列表是路由器的一种安全策略,你决定用一个标准ip访问列表来做安全控制,以下为标准访问列表的例子为:()A、access-list standart 192.168.10.23B、access-list 10 deny 192.168.10.23 0.0.0.0C、access-list 101 deny 192.168.10.23 0.0.0.0D、access-list 101 deny 192.168.10.23 255.255.255.255
考题
访问列表如下: access-list 4 deny 202.38.0.00.0.255.255 access-list 4 permit 202.38.160.10.0.0.255 应用于该路由器的配置如下: Quidway(config)#firew all default permit Quidway(config-if-Serical0)#ipaccess-group 4 in 该路由器E0口接本地局域网,S0口接到Internet,以下说法正确的有:()A、所有的外部数据包都可以通过S口,自由出入本地局域网B、内部主机可以任意访问外部任何地址的主机C、内部主机不可以访问本列表禁止的外部地址的主机D、连在该路由器其他端口的主机可任意访问内部网资源
考题
单选题计费服务器的ip地址在192.168.1.0/24子网内,为了保证计费服务器的安全,不允许任何用户telnet到该服务器,则需要配置的访问列表条目为:()A
access-list 11 deny tcp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyB
access-list 111 deny tcp any 192.168.1.0 eq telnet/access-list 111 permit ip any anyC
access-list 111 deny udp 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any anyD
access-list 111 deny tcp any 192.168.1.0 0.0.0.255 eq telnet/access-list 111 permit ip any any
考题
问答题标准IP访问控制列表的基本格式为access-list[1ist number][permit|deny][host/any][sourceaddress][wildcard-mask][log],请填写其参数描述。 a、list number……………………………………【11】 b、permit/deny…………………………………【12】 c、source address…………………………………【13】 d、host/any………………………………………【14】 e、windcad-mask…………………………………【15】
考题
单选题某台路由器上配置了如下一条访问列表access-list 4 deny 202.38.0.00.0.255.255access-list 4 permit 202.38.160.10.0.0.255表示:()A
只禁止源地址为202.38.0.0网段的所有访问B
只允许目的地址为202.38.0.0网段的所有访问C
检查源IP地址,禁止202.38.0.0大网段的主机,但允许其中的202.38.160.0小网段上的主机D
检查目的IP地址,禁止202.38.0.0大网段的主机,但允许其中的202.38.160.0小网段上的主机
考题
单选题访问列表如下: access-list 4 deny 202.38.0.00.0.255.255 access-list 4 permit 202.38.160.10.0.0.255 应用于该路由器的配置如下: Quidway(config)#firew all default permit Quidway(config-if-Serical0)#ipaccess-group 4 in 该路由器E0口接本地局域网,S0口接到Internet,以下说法正确的有:()A
所有的外部数据包都可以通过S口,自由出入本地局域网B
内部主机可以任意访问外部任何地址的主机C
内部主机不可以访问本列表禁止的外部地址的主机D
连在该路由器其他端口的主机可任意访问内部网资源
考题
多选题要创建一个扩展命名访问控制列表cisco,仅允许HTTP流量进入网络196.15.7.0/24,下面命令是错误的有()。Aip access-list extended cisco permit tcp any 196.15.7.0 0.0.0.255 eq wwwBip access-list extended cisco deny tcp any 196.15.7.0 eq wwwCip access-list extended cisco permit 196.15.7.0 0.0.0.255 eq wwwDip access-list extended cisco permit ip any 196.15.7.0 0.0.0.255Eip access-list extended cisco permit www 196.15.7.0 0.0.0.255
热门标签
最新试卷