CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 – 100% Full

New Version:

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer. If the question is not here, find it in Questions Bank.

NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

1. What is the primary purpose of NAT?

  • conserve IPv4 addresses
  • allow peer-to-peer file sharing
  • enhance network performance
  • increase network security

NAT was developed to conserve IPv4 addresses. A side benefit is that NAT adds a small level of security by hiding the internal network addressing scheme. However, there are some drawbacks of using NAT. It does not allow true peer-to-peer communication and it adds latency to outbound connections.

2. Which method is used by a PAT-enabled router to send incoming packets to the correct inside hosts?​

  • It uses the destination TCP or UDP port number on the incoming packet.
  • It uses the source TCP or UDP port number on the incoming packet.
  • It uses the source IP address on the incoming packet.
  • It uses a combination of the source TCP or UDP port number and the destination IP address on the incoming packet.

A PAT-enabled router maintains a table that consists of a mapping of inside local IP addresses and TCP/UDP port numbers to outside local addresses and TCP/UDP port numbers. When traffic returns to the router from the public network, the router would compare the destination port to the PAT mapping table to determine to which inside host the traffic should be sent.

3. What are two benefits of NAT? (Choose two.)

  • It makes troubleshooting routing issues easier.
  • It makes tunneling with IPsec less complicated.
  • It saves public IP addresses.
  • It increases routing performance.
  • It adds a degree of privacy and security to a network.

4. What is a disadvantage of NAT?

  • There is no end-to-end addressing.
  • The router does not need to alter the checksum of the IPv4 packets.​
  • The costs of readdressing hosts can be significant for a publicly addressed network.​
  • The internal hosts have to use a single public IPv4 address for external communication.

Many Internet protocols and applications depend on end-to-end addressing from the source to the destination. Because parts of the header of the IP packets are modified, the router needs to alter the checksum of the IPv4 packets. Using a single public IP address allows for the conservation of legally registered IP addressing schemes. If an addressing scheme needs to be modified, it is cheaper to use private IP addresses.

5. What is an advantage of deploying IPv4 NAT technology for internal hosts in an organization?

  • increases the performance of packet transmission to the Internet
  • makes internal network access easy for outside hosts using UDP
  • provides flexibility in designing the IPv4 addressing scheme
  • enables the easy deployment of applications that require end-to-end traceability

IPv4 NAT provides some benefits:
– NAT conserves the legally registered addressing scheme.
– NAT increases the flexibility of connections to the public network.
– NAT provides consistency for internal network addressing schemes.
– NAT provides certain level of network security by hiding the internal network topology and hosts.IPv4 NAT also brings some disadvantages:
– NAT may impact the network performance due to the translation process
– End-to-end addressing is lost, especially when dynamic NAT is used.
– End-to-end IPv4 traceability is also lost.
– NAT complicates tunneling protocols, such as IPsec.
– Services that require the initiation of TCP connections from the outside network, or stateless protocols, such as those using UDP, can be disrupted.

6. Refer to the exhibit. Which address or addresses represent the inside global address?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 1

  • 192.168.0.100
  • 10.1.1.2
  • any address in the 10.1.1.0 network
  • 209.165.20.25

7. Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to access the web server. What is a possible reason that the client PC cannot access the web server?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 2

  • The IP NAT statement is incorrect.
  • Interface Fa0/1 should be identified as the outside NAT interface.
  • Interface S0/0/0 should be identified as the outside NAT interface.
  • The configuration is missing a valid access control list.

Interface S0/0/0 should be identified as the outside NAT interface. The command to do this would be R2(config-if)# ip nat outside.

8. A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?

  • a NAT pool named corp that defines the starting and ending public IP addresses
  • an access list numbered 4 that defines the starting and ending public IP addresses
  • ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT
  • an access list named corp that defines the private addresses that are affected by NAT
  • a VLAN named corp to be enabled and active and routed by R1

In order for the ip nat inside source list 4 pool corp command to work, the following procedure needs to be used beforehand:
Create an access list that defines the private IP addresses affected by NAT.
Establish a NAT pool of starting and ending public IP addresses by using the ip nat pool command.
Use the ip nat inside source list command to associate the access list with the NAT pool.
Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside commands.

9. When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

  • No users can access the server.
  • The request to the server for the seventh user fails.
  • All users can access the server.
  • The first user gets disconnected when the seventh user makes the request.

If all the addresses in the NAT pool have been used, a device must wait for an available address before it can access the outside network.

10. What is defined by the ip nat pool command when configuring dynamic NAT?

  • the range of external IP addresses that internal hosts are permitted to access
  • the pool of available NAT servers
  • the range of internal IP addresses that are translated
  • the pool of global address

Dynamic NAT uses a pool of inside global addresses that are assigned to outgoing sessions. Creating the pool of inside global addresses is accomplished using the ip nat pool command.

11. Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 3

  • defines which addresses are allowed into the router
  • defines which addresses can be translated
  • defines which addresses are assigned to a NAT pool
  • defines which addresses are allowed out of the router

12. A network engineer has configured a router with the command ip nat inside source list 4 pool corp overload. Why did the engineer use the overload option?

  • The company router must throttle or buffer traffic because the processing power of the router is not enough to handle the normal load of external-bound Internet traffic.
  • The company has more private IP addresses than available public IP addresses.
  • The company needs to have more public IP addresses available to be used on the Internet.
  • The company has a small number of servers that should be accessible by clients from the Internet.

The overload option enables PAT for a pool of public IP addresses. The source list 4 part of the command refers to the access list that defines what private addresses get translated. The pool corp part of the command refers to the named NAT pool that is created using the separate ip nat pool corp command.

13. What are two of the required steps to configure PAT? (Choose two.)

  • Create a standard access list to define applications that should be translated.
  • Define a pool of global addresses to be used for overload translation.
  • Define the range of source ports to be used.
  • Define the hello and interval timers to match the adjacent neighbor router.
  • Identify the inside interface.

The steps that are required to configure PAT are to define a pool of global addresses to be used for overload translation, to configure source translation by using the keywords interface and overload, and to identify the interfaces that are involved in the PAT.

14. What is the major benefit of using NAT with Port Address Translation?

  • It allows external hosts access to internal servers.
  • It allows many internal hosts to share the same public IPv4 address.
  • It improves network performance for real-time protocols.
  • It provides a pool of public addresses that can be assigned to internal hosts.

Port Address Translation (PAT) tracks IP flows of internal hosts using port numbers. By using port numbers to track flows, PAT allows many users to share a single public IPv4 address.

15. What is the purpose of port forwarding?

  • Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.
  • Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
  • Port forwarding allows for translating inside local IP addresses to outside local addresses.
  • Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.

Port forwarding allows a user or program from outside to reach services inside a private network. It is not a technique that allows for using services with nonstandard port numbers. NAT or PAT convert inside IP addresses to outside local addresses.

16. A network administrator is configuring a static NAT on the border router for a web server located in the DMZ network. The web server is configured to listen on TCP port 8080. The web server is paired with the internal IP address of 192.168.5.25 and the external IP address of 209.165.200.230. For easy access by hosts on the Internet, external users do not need to specify the port when visiting the web server. Which command will configure the static NAT?

  • R1(config)# ip nat inside source static tcp 209.165.200.230 80 192.168.5.25 8080
  • R1(config)# ip nat inside source static tcp 192.168.5.25 8080 209.165.200.230 80
  • R1(config)# ip nat inside source static tcp 209.165.200.230 8080 192.168.5.25 80
  • R1(config)# ip nat inside source static tcp 192.168.5.25 80 209.165.200.230 8080

The IOS command for port forwarding configuration in global configuration mode is as follows:ip nat inside source {static {tcp | udp local-ip local-port global-ip global-port}Where local-ip is the inside local address, local-port is the port on which the web server listens.

17. What is a characteristic of unique local addresses?

  • They are defined in RFC 3927.
  • Their implementation depends on ISPs providing the service.
  • They allow sites to be combined without creating any address conflicts.
  • They are designed to improve the security of IPv6 networks.

Link-local addresses are defined in RFC 3927. Unique local addresses are independent of any ISP, and are not meant to improve the security of IPv6 networks.

18. Which statement describes IPv6 ULAs?

  • They begin with the fe80::/10 prefix.
  • They conserve IPv6 address space.
  • They are not routable across the Internet.
  • They are assigned by an ISP.

IPv6 ULAs are unique local addresses. ULAs are similar to IPv4 private IP addresses and are not routable on the Internet. ULAs do not conserve IPv6 addresses. ULAs have a network prefix in the fc00::/7 range.

19. Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 4

  • PAT using an external interface
  • static NAT with one entry
  • dynamic NAT with a pool of two public IP addresses
  • static NAT with a NAT pool

20. Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to an external server at the IP address 209.165.200.254 across a router R1 that is running dynamic NAT. (Not all options are used.)
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 5

Explanation: The translation of the IP addresses from 209.65.200.254 to 192.168.10.10 will take place when the reply comes back from the server.

21. Fill in the blank. Do not use abbreviations.
NAT overload is also known as ……….
Correct Answer: Port Address Translation

22. A technician is required to configure an edge router to use a different TCP port number for each session with a server on the Internet. What type of Network Address Translation (NAT) should be implemented?

  • a many-to-one address mapping between local and global addresses
  • a many-to-many address mapping between local and global addresses
  • a one-to-many address mapping between local and global addresses
  • a one-to-one address mapping between local and global addresses

Old version 5.0:

23. Which three statements describe ACL processing of packets? (Choose three.)

  • An implicit deny any rejects any packet that does not match any ACE.
  • A packet can either be rejected or forwarded as directed by the ACE that is matched.
  • A packet that has been denied by one ACE can be permitted by a subsequent ACE.
  • A packet that does not match the conditions of any ACE will be forwarded by default.
  • Each statement is checked only until a match is detected or until the end of the ACE list.
  • Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made.

24. What two functions describe uses of an access control list? (Choose two.)

  • ACLs assist the router in determining the best path to a destination.
  • Standard ACLs can restrict access to specific applications and ports.
  • ACLs provide a basic level of security for network access.
  • ACLs can permit or deny traffic based upon the MAC address originating on the router.
  • ACLs can control which areas a host can access on a network.

Explanation: ACLs can be configured as a simple firewall that provides security using basic traffic filtering capabilities. ACLs are used to filter host traffic by allowing or blocking matching packets to networks.

25. In which configuration would an outbound ACL placement be preferred over an inbound ACL placement?

  • when the ACL is applied to an outbound interface to filter packets coming from multiple inbound interfaces before the packets exit the interface
  • when a router has more than one ACL
  • when an outbound ACL is closer to the source of the traffic flow
  • when an interface is filtered by an outbound ACL and the network attached to the interface is the source network being filtered within the ACL

26. Which two characteristics are shared by both standard and extended ACLs? (Choose two.)

  • Both kinds of ACLs can filter based on protocol type.
  • Both can permit or deny specific services by port number.
  • Both include an implicit deny as a final entry.
  • Both filter packets for a specific destination host IP address.
  • Both can be created by using either a descriptive name or number.

Explanation: Standard ACLs filter traffic based solely on a specified source IP address. Extended ACLs can filter by source or destination, protocol, or port. Both standard and extended ACLs contain an implicit deny as a final statement. Standard and extended ACLs can be identified by either names or numbers.

27. A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)

  • Router1(config)# access-list 10 permit host 192.168.15.23
  • Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0
  • Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.255
  • Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.0
  • Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.255

28. What single access list statement matches all of the following networks?
192.168.16.0
192.168.17.0
192.168.18.0
192.168.19.0

  • access-list 10 permit 192.168.16.0 0.0.3.255
  • access-list 10 permit 192.168.16.0 0.0.0.255
  • access-list 10 permit 192.168.16.0 0.0.15.255
  • access-list 10 permit 192.168.0.0 0.0.15.255

29. If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?

  • 4
  • 6
  • 8
  • 12
  • 16

30. Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)

  • Place standard ACLs close to the source IP address of the traffic.
  • Place extended ACLs close to the destination IP address of the traffic.
  • Filter unwanted traffic before it travels onto a low-bandwidth link.
  • Place extended ACLs close to the source IP address of the traffic.
  • Place standard ACLs close to the destination IP address of the traffic.
  • For every inbound ACL placed on an interface, there should be a matching outbound ACL.

31. Refer to the exhibit. A router has an existing ACL that permits all traffic from the 172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that denies packets from host 172.16.0.1 and receives the error message that is shown in the exhibit. What action can the administrator take to block packets from host 172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 6

  • Manually add the new deny ACE with a sequence number of 5.
  • Manually add the new deny ACE with a sequence number of 15.
  • Create a second access list denying the host and apply it to the same interface.
  • Add a deny any any ACE to access-list 1.

32. Refer to the exhibit. What will happen to the access list 10 ACEs if the router is rebooted before any other commands are implemented?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 7

  • The ACEs of access list 10 will be deleted.
  • The ACEs of access list 10 will not be affected.
  • The ACEs of access list 10 will be renumbered.
  • The ACEs of access list 10 wildcard masks will be converted to subnet masks.

33. An administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL?

  • R1(config-if)# ip access-group 1 in
  • R1(config-if)# ip access-group 1 out
  • R1(config-line)# access-class 1 in
  • R1(config-line)# access-class 1 out

34. Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server:

R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out

Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?

  • R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
  • R1(config)# interface gi0/0
    R1(config-if)# no ip access-group 105 out
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
    R1(config)# interface gi0/0
    R1(config-if)# ip access-group 105 out
  • R1(config)# interface gi0/0
    R1(config-if)# no ip access-group 105 out
    R1(config)# no access-list 105
    R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
    R1(config)# access-list 105 deny ip any any
    R1(config)# interface gi0/0
    R1(config-if)# ip access-group 105 out
  • R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
    R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
    R1(config)# access-list 105 deny ip any any

35. Refer to the exhibit. What is the result of adding the established argument to the end of the ACE?
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 8

  • Any traffic is allowed to reach the 192.168.254.0 255.255.254.0 network.
  • Any IP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network as long as it is in response to an originated request.
  • 192.168.254.0 /23 traffic is allowed to reach any network.
  • Any TCP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network if it is in response to an originated request.

Explanation: The established argument allows TCP return traffic from established connections to be sent on an outgoing interface to a network.

36. What packets would match the access control list statement that is shown below? access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22

  • SSH traffic from the 172.16.0.0 network to any destination network
  • SSH traffic from any source network to the 172.16.0.0 network
  • any TCP traffic from any host to the 172.16.0.0 network
  • any TCP traffic from the 172.16.0.0 network to any destination network

Explanation: The access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22 ACE will match traffic on port 22, which is SSH, that is sourced from network 172.16.0.0/24 with any destination.

37. Which statement describes a difference between the operation of inbound and outbound ACLs?

  • In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple criteria.
  • Inbound ACLs can be used in both routers and switches but outbound ACLs can be used only on routers.
  • Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.
  • On a network interface, more than one inbound ACL can be configured but only one outbound ACL can be configured.

38. What is a limitation when utilizing both IPv4 and IPv6 ACLs on a router?

  • A device can run only IPv4 ACLs or IPv6 ACLs.
  • Both IPv4 and IPv6 ACLs can be configured on a single device, but cannot share the same name.
  • IPv4 ACLs can be numbered or named whereas IPv6 ACLs must be numbered.
  • IPv6 ACLs perform the same functions as standard IPv4 ACLs.

Explanation: IPv4 and IPv6 ACLs can be configured on the same device as long as they utilize different ACL names. IPv6 ACLs provide the same functionality as named IPv4 extended ACLs but cannot have the same name as any IPv4 ACLs.

39. What method is used to apply an IPv6 ACL to a router interface?

  • the use of the access-class command
  • the use of the ip access-group command
  • the use of the ipv6 traffic-filter command
  • the use of the ipv6 access-list command

Explanation: A network administrator will use the ipv6 traffic-filter command within interface configuration mode to apply an IPv6 ACL.​

40. Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on network 2001:DB8:10:10::/64?

  • permit tcp any host 2001:DB8:10:10::100 eq 25
  • permit tcp host 2001:DB8:10:10::100 any eq 25
  • permit tcp any host 2001:DB8:10:10::100 eq 23
  • permit tcp host 2001:DB8:10:10::100 any eq 23

41. Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 9

  • HTTPS packets to PC1
  • ICMPv6 packets that are destined to PC1
  • packets that are destined to PC1 on port 80
  • neighbor advertisements that are received from the ISP router

42. Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?

  • the use of wildcard masks
  • an implicit deny any any ACE
  • the use of named ACL entries
  • an implicit permit of neighbor discovery packets

43. Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)

  • deny ip any any
  • deny ipv6 any any
  • permit ipv6 any any
  • deny icmp any any
  • permit icmp any any nd-ns
  • permit icmp any any nd-na

Explanation: All IPv6 ACLs automatically include two implicit permit statements; permit icmp any any nd-ns and permit icmp any any nd-na. These statements allow the router interface to perform neighbor discovery operations. An implicit deny ipv6 any any is also automatically included at the end of any IPv6 ACL that blocks all IPv6 packets not otherwise permitted.

44. What is the only type of ACL available for IPv6?

  • named standard
  • named extended
  • numbered standard
  • numbered extended

Explanation: Unlike IPv4, IPv6 has only one type of access list and that is the named extended access list.

45. Match each statement with the example subnet and wildcard that it describes. (Not all options are used.)

Question
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 10

Answer
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 11

46. Which statement describes a characteristic of standard IPv4 ACLs?

  • They are configured in the interface configuration mode.
  • They filter traffic based on source IP addresses only.
  • They can be created with a number but not with a name.
  • They can be configured to filter traffic based on both source IP addresses and source ports.

47. Which IPv4 address range covers all IP addresses that match the ACL filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?

  • 172.16.2.0 to 172.16.2.255
  • 172.16.2.1 to 172.16.3.254
  • 172.16.2.0 to 172.16.3.255
  • 172.16.2.1 to 172.16.255.255

Explanation: The wildcard mask 0.0.1.255 means the first 23 bits are matched and the last 9 bits are ignored. That is, a matching IP address should be from 172.16.2.0 to 172.16.3.255 (where last 9 bits are from all 0s to all 1s and any value between).

48. Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)
CCNA2_Ch9_02

  • access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
    access-list 105 permit tcp any host 10.0.54.5 eq www
    access-list 105 permit ip any any
  • access-list 105 permit tcp host 10.0.54.5 any eq www
    access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
    access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
  • access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
    access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
    access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
    access-list 105 deny ip any host 10.0.54.5
    access-list 105 permit ip any any
  • R2(config)# interface gi0/0
    R2(config-if)# ip access-group 105 in
  • R1(config)# interface gi0/0
    R1(config-if)# ip access-group 105 out
  • R1(config)# interface s0/0/0
    R1(config-if)# ip access-group 105 out

49. Launch PT – Hide and Save PT
CCNA 2 (v5.0.3 + v6.0) Chapter 9 Exam Answers 2020 - 100% Full 12
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. Why is the ACL not working?

  • The ACL is missing a deny ip any any ACE.
  • The ACL is applied in the wrong direction.
  • The access-list 105 command or commands are incorrect.
  • The ACL is applied to the wrong interface.*
  • No ACL is needed for this scenario.

50. What are two possible uses of access control lists in an enterprise network? (Choose two.)

  • limiting debug outputs
  • reducing the processing load on routers
  • controlling the physical status of router interfaces
  • controlling virtual terminal access to routers
  • allowing Layer 2 traffic to be filtered by a router

51. A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp . What is required to be configured in order for this particular command to be functional?

    • a VLAN named corp to be enabled and active and routed by R1
    • a NAT pool named corp that defines the starting and ending public IP addresses
    • an access list numbered 4 that defines the starting and ending public IP addresses
    • an access list named corp that defines the private addresses that are affected by NAT
    • ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT

Download PDF File below:

Subscribe
Notify of
guest

3 Comments
Inline Feedbacks
View all comments
Guest
Guest
3 years ago

A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp . What is required to be configured in order for this particular command to be functional?

-a VLAN named corp to be enabled and active and routed by R1
-a NAT pool named corp that defines the starting and ending public IP addresses
-an access list numbered 4 that defines the starting and ending public IP addresses
-an access list named corp that defines the private addresses that are affected by NAT
-ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT

w
w
5 years ago

A technician is required to configure an edge router to use a different TCP port number for each session with a server on the Internet. What type of Network Address Translation (NAT) should be implemented?

*****a many-to-one address mapping between local and global addresses****
a many-to-many address mapping between local and global addresses
a one-to-many address mapping between local and global addresses
a one-to-one address mapping between local and global addresses

Rob
Rob
8 years ago

Extreme dryness might create the skin more susceptible to wrinkle,
and can result in skin or cracking discomfort -causing destruction.

3
0
Would love your thoughts, please comment.x
()
x