Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

IT Questions Bank › Category: CCNP › Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

0
Vote Up
Vote Down

ITExamAnswers Staff asked 2 years ago

Question:
Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

access-list 103 deny tcp host 192.168.10.0 any eq 23
access-list 103 permit tcp host 192.168.10.1 eq 80
access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet
access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23

Explanation:

For an extended ACL to meet these requirements the following need to be included in the access control entries:

identification number in the range 100-199 or 2000-2699
permit or deny parameter
protocol
source address and wildcard
destination address and wildcard
port number or name

More Questions: CCNA 3 v7 Modules 3 – 5 Exam Answers
More Questions: Enterprise Networking, Security, and Automation ( Version 7.00) – ENSA Final Exam
More Questions: CCNA 4 Chapter 4 Exam Answers
More Questions: CCNPv8 ENCOR (Version 8.0) – Access Control and Infrastructure Security Exam
More Questions: Chapter 21: Quiz – Troubleshooting ACLs and Prefix Lists CCNPv8 ENARSI

Related Articles