Q:

What command will permit SMTP mail to only host 1.1.1.1?

A) access-list 10 permit smtp host 1.1.1.1 B) access-list 110 permit ip smtp host 1.1.1.1
C) access-list 10 permit tcp any host 1.1.1.1 eq smtp D) access-list 110 permit tcp any host 1.1.1.1 eq smtp
 
Answer & Explanation Answer: D) access-list 110 permit tcp any host 1.1.1.1 eq smtp

Explanation:

when trying to find the best answer to an access - list question, always check the access - list bnumber and then the protocol. When filtering to an upper - layer protocol, you must use an extended list, numbers 100 - 199 and 2000 - 2699. Also, when you filter to the port of an upper - layer protocol, you must use either tcp or udp in the ACL protocol field. If it says ip in the protocol field, you cannot filoter on the port number of an upper - layer protocol. SMTP uses TCP

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

5 10843
Q:

Which command would you use to apply an access list to a router interface?

A) ip access - list 101 out B) acces - list ip 101 in
C) ip access - group 101 in D) access - group ip 101 in
 
Answer & Explanation Answer: C) ip access - group 101 in

Explanation:

To apply an access list , the proper command is ip access - group 101 in.

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

0 1360
Q:

If you wanted to deny all Telnet connections to only network 192.168.10.0, which command could you use?

A) access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet B) access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet
C) access - list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23 D) access - list 100 deny 192.168.10.0 0.0.0.255 any eq 23
 
Answer & Explanation Answer: C) access - list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23

Explanation:

The extended access list ranges are 100 - 199 and 2000 - 2699, so the access-list number of 100 is valid. Telnet uses TCP, so the protocol TCP is valid. Now you just need to look for the source and destination address. only the third option has the correct sequence of parameters. Option B may work, but the question specifically states "only" to network 192.168.10.0, and the wildcard in option B is too broad.

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

0 3694
Q:

What router command allows you to determine whether an IP access list is enabled on a particular interface?

A) show ip port B) show access - lists
C) show ip interface D) show access - lists interface
 
Answer & Explanation Answer: C) show ip interface

Explanation:

Of the available choices only the show ip interface command will tell you which interfaces have access lists applied. show access - lists will not show you which interfaces have an access list applied. 

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

0 3408
Q:

You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0 . Which of the following lists will you use?

A) access - list 10 deny 192.168.160.0 255.255.224.0 B) access - list 10 deny 192.168.160.0 0.0.191.255
C) access - list 10 deny 192.168.160.0 0.0.31.255 D) access - list 10 deny 192.168.0.0 0.0.31.255
 
Answer & Explanation Answer: C) access - list 10 deny 192.168.160.0 0.0.31.255

Explanation:

The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255 . The 31 is used for a block size of 32. The wildcard is always one less than the block size.

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

0 2530
Q:

Which of the following is an example of a standard IP access list?

A) access - list 110 permit host 1.1.1.1 B) access - list 1 deny 172 . 16 . 10 . 1 0 . 0 . 0 . 0
C) access - list 1 permit 172 . 16 . 10 . 1 255 . 255 . 0 . 0 D) access - list standard 1 . 1 . 1 . 1
 
Answer & Explanation Answer: B) access - list 1 deny 172 . 16 . 10 . 1 0 . 0 . 0 . 0

Explanation:

Standard IP access lists use the numbers 1 - 99 and 1300 - 1999 and filter based on source IP address only. Option C is incorrect because the mask must be in wildcard format.

Report Error

View Answer Report Error Discuss

Filed Under: CCNA - CISCO Certification

0 1755
Q:

What type of Cisco tagging information allows VLANs to be multiplexed over a trunk link through an external encapsulation method?

Answer

Inter-Switch Link (ISL)

Report Error

View answer Workspace Report Error Discuss

0 1014
Q:

What is frame tagging?

Answer

Frame identification (frame tagging) uniquely assigns a user-defined ID to each frame. This is sometimes reffered to as a VLAN ID or color.

Report Error

View answer Workspace Report Error Discuss

0 2396