Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
16 Cards in this Set
- Front
- Back
|
standard acl range |
1–99 1300–1999 |
|
|
extended acl range |
100–199 2000–2699 |
|
|
deny traffic from 10.1.6.0/24 std acl 1 inbound configuration |
conf term access–list 1 deny 10.1.6.0 0.0.0.255 interface Eth0/0 ip access–group 1 in end |
|
|
deny all tcp, udp and icmp traffic through the interface using extended numbered ACL 101? |
access-list 101 deny tcp any any access-list 101 deny udp any any access-list 101 deny icmp any any |
|
|
command to create extended named acl barney |
ip access–list extended barney |
|
|
command to activate barney on Eth0/0 inbound |
ip access–group barney in |
|
|
allow web clients in 10.1.4.0/22 access to http (port 80) on servers in 10.1.8.0/22, but deny web clients everywhere else access to http on servers in 10.1.8.0/22 using extended numbered ACL 101? |
access-list 101 permit tcp 10.1.4.0 0.0.3.255 10.1.8.0 0.0.3.255 eq 80 access-list 101 deny tcp any 10.1.8.0 0.0.3.255 eq 80 |
|
|
permit ICMP messages from the subnet 192.168.7.200/26 is in to all hosts in the subnet which 192.168.7.14/29 is in, but deny ICMP traffic into 192.168.7.14/29 subnet from all other sources (config steps, including attaching acl to the interface Eth0/0 inbound) using extended numbered ACL 103? |
conf term access-list 103 permit icmp 192.168.7.192 0.0.0.63 192.168.7.8 0.0.0.7 access-list 103 deny icmp any 192.168.7.8 0.0.0.7 interface Eth0/0 ip access-group 103 in end |
|
|
permit ICMP messages from the subnet 192.168.7.200/26 is in to all hosts in the subnet which 192.168.7.14/29 is in, but deny ICMP traffic into 192.168.7.14/29 subnet from all other sources (config steps, including attaching acl to the interface Eth0/0 inbound) using extended named ACL barney? |
conf term ip access-list extended barney permit icmp 192.168.7.192 0.0.0.63 192.168.7.8 0.0.0.7 deny icmp any 192.168.7.8 0.0.0.7 exit interface Eth0/0 ip access-group barney in end |
|
|
(continue previous question) output of “show access-lists barney”? |
10 permit icmp 192.168.7.192 0.0.0.63 192.168.7.8 0.0.0.7 20 deny icmp any 192.168.7.8 0.0.0.7 |
|
|
(continue previous question) adding additional rule (permit any icmp traffic into 192.168.7.16/29) to barney and then output of “show access-lists barney”? |
conf term ip access-list extended barney permit icmp any 192.168.7.16 0.0.0.7 end show access-lists barney 10 permit icmp 192.168.7.192 0.0.0.63 192.168.7.8 0.0.0.7 20 deny icmp any 192.168.7.8 0.0.0.7 30 permit icmp any 192.168.7.16 0.0.0.7 |
|
|
(continue previous question) removing rule (deny any icmp traffic into 192.168.7.8/29) to barney and then output of “show access-lists barney”? |
conf term ip access-list extended barney no deny icmp any 192.168.7.8 0.0.0.7 end show access-lists barney 10 permit icmp 192.168.7.192 0.0.0.63 192.168.7.8 0.0.0.7 30 permit icmp any 192.168.7.16 0.0.0.7 |
|
|
(continue previous question) removing rule (rule 10) to barney and then output of “show access-lists barney”? |
conf term ip access-list extended barney no 10 end show access-lists barney 30 permit icmp any 192.168.7.16 0.0.0.7 |
|
|
only allow SSH connections into line terminals 0-4 from the management network 10.1.1.0/24, using standard acl 3 |
conf term access-list 3 permit 10.1.1.0 0.0.0.255
line vty 0 4 access-class 3 in end |
|
|
extended acl 101 permit ssh (tcp port 22) traffic from 10.1.1.0/24 into 10.2.0.0/16configuration on Eth0/0 |
conf term access–list 101 permit tcp 10.1.1.0 0.0.0.255 10.2.0.0 0.0.255.255 eq 22 interface Eth0/0 ip access–group 101 in end |
|
|
extended acl barney permit ssh (tcp port 22) traffic from 10.1.1.0/24 into 10.2.0.0/16configuration on Eth0/0 |
conf term ip access–list extended barney permit tcp 10.1.1.0 0.0.0.255 10.2.0.0 0.0.255.2 eq 22 exit interface Eth0/0 ip access–group barney in end |
