Which two actions are taken if the access list is placed inbound on a router Gigabit Ethernet port that has the IP address 192.168.10.254 assigned? (Choose two.)

IT Questions BankCategory: CCNAWhich two actions are taken if the access list is placed inbound on a router Gigabit Ethernet port that has the IP address 192.168.10.254 assigned? (Choose two.)

Question:
Consider the following access list.

access-list 100 permit ip host 192.168.10.1 any
access-list 100 deny icmp 192.168.10.0 0.0.0.255 any echo
access-list 100 permit ip any any

Which two actions are taken if the access list is placed inbound on a router Gigabit Ethernet port that has the IP address 192.168.10.254 assigned? (Choose two.)

  • Only Layer 3 connections are allowed to be made from the router to any other network device.
  • Devices on the 192.168.10.0/24 network are not allowed to reply to any ping requests.
  • Devices on the 192.168.10.0/24 network can sucessfully ping devices on the 192.168.11.0 network.
  • A Telnet or SSH session is allowed from any device on the 192.168.10.0 into the router with this access list assigned.
  • Devices on the 192.168.10.0/24 network are allowed to reply to any ping requests.
  • Only the network device assigned the IP address 192.168.10.1 is allowed to access the router.

Explanation: The first ACE allows the 192.168.10.1 device to do any TCP/IP-based transactions with any other destination. The second ACE stops devices on the 192.168.10.0/24 network from issuing any pings to any other location. Everything else is permitted by the third ACE. Therefore, a Telnet/SSH session or ping reply is allowed from a device on the 192.168.10.0/24 network.

Exam with this question: Modules 3 – 5: Network Security Exam Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x