CCNA – The IT Certification Exam About Computer Security Quiz

Reviewed by Editorial Team

The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.

Learn about Our Editorial Process

| By Rap

Rap

Community Contributor

Quizzes Created: 12 | Total Attempts: 45,248

| Attempts: 4,705

Quiz Flashcard

Questions

Feedback

During the Quiz End of Quiz

Difficulty

Easy First Hard First Sequential

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

1/10 Questions

The standard access lists are ranged from 101 to 199 and from 1100 to 1199.
- True
- False

About This Quiz

Looking for an IT certification practice test? How about the IT certification exam for the computer security quiz? In computer security, an access-control list is a list of permissions associated with a system resource. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Let's find out See moreyour knowledge with this quiz. Wish you all the best with this test!

CCNA The IT Certification Exam About Computer SecurITy Quiz - Quiz

2.

Which item represents the standard IP ACL?
- Access-list 50 deny 192.168.1.1 0.0.0.255
- Access-list 110 permit IP any any
- Access-list 2500 denies tcp any host 192.168.1.1 eq 22
- Access-list 101 denies tcp any host 192.168.1.1
Correct Answer

A. Access-list 50 deny 192.168.1.1 0.0.0.255

Explanation

The correct answer is "access-list 50 deny 192.168.1.1 0.0.0.255" because it represents a standard IP ACL. Standard IP ACLs are used to filter traffic based on source IP addresses only. In this case, the ACL is denying any traffic coming from the IP address 192.168.1.1 with a wildcard mask of 0.0.0.255, which means it will match any source IP address in the 192.168.1.0/24 range.

Rate this question:

6
3.

The authentication process is completed by the router or central access.
- True
- False
Correct Answer

A. True

Explanation

The statement is true because the authentication process is indeed completed by the router or central access. These devices are responsible for verifying the identity of the user or device trying to access the network. They typically use various authentication methods such as passwords, digital certificates, or biometrics to ensure that only authorized users can gain access to the network.

Rate this question:

1
4.

There can be any number of inbound access lists on an interface, irrespective of other details.
- True
- False
Correct Answer

A. False

Explanation

The statement is false because there can only be one inbound access list per interface. Multiple access lists cannot be applied to the same interface in the inbound direction.

Rate this question:

2
5.

On which options are standard access lists based?
- Destination address and wildcard mask
- Destination address and subnet mask
- The source address and subnet mask
- The source address and wildcard mask
Correct Answer

A. The source address and wildcard mask

Explanation

Standard access lists are based on the source address and wildcard mask. This means that when creating a standard access list, the criteria for permitting or denying traffic is determined based on the source IP address of the packets. The wildcard mask is used to specify which bits in the source address should be matched. By using the source address and wildcard mask, network administrators can control access to specific source IP addresses or ranges of addresses.

Rate this question:

3
6.

Refer to the exhibit.Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?
- ACDB
- BADC
- DBAC
- CDBA
Correct Answer

A. CDBA

Explanation

The correct order of ACL statements should be CDBA. In this order, statement C will be evaluated first, which denies access to all hosts except those with the first and last IP of subnet 172.21.1.128/28. Statement D will be evaluated next, denying access to all hosts. Statement B will then permit access to the first and last IP addresses of the subnet. Finally, statement A will permit access to all other hosts. This re-arrangement ensures that the ACL works as intended by preventing access to all hosts except the specified ones.

Rate this question:

8
7.

Refer to the exhibit.An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?
- No IP access-class 102 in
- No IP access-class 102 out
- No IP access-group 102 in
- No IP access-group 102 out
- No IP access-list 102 in
Correct Answer

A. No IP access-group 102 out

Explanation

The correct answer is "no IP access-group 102 out". This command removes the effect of ACL 102 on outgoing traffic, allowing traffic from the subnet to pass through the interface without any restrictions.

Rate this question:

1
8.

Which statement about access lists that are applied to an interface is true?
- You can apply only one access list on any interface.
- You can configure one access list, per direction, per layer 3 protocol.
- You can place as many access lists as you want on any interface.
- You can configure one access list, per direction, per layer 2 protocol.
Correct Answer

A. You can configure one access list, per direction, per layer 3 protocol.

Explanation

You can configure one access list, per direction, per layer 3 protocol. This means that you can apply one access list to control traffic in one direction (inbound or outbound) for a specific layer 3 protocol (such as IPv4 or IPv6). This allows for granular control over the traffic that is allowed or denied on the interface based on the specified layer 3 protocol.

Rate this question:

7
9.

A network administrator is configuring ACLs on a Cisco router to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two)
- Access-list 10 permit ip 192.168.146.0 0.0.1.255
- Access-list 10 permit ip 192.168.147.0 0.0.255.255
- Access-list 10 permit ip 192.168.148.0 0.0.1.255
- Access-list 10 permit ip 192.168.149.0 0.0.255.255
- Access-list 10 permit ip 192.168.146.0 0.0.0.255
- Access-list 10 permit ip 192.168.146.0 255.255.255.0
Correct Answer(s)

A. Access-list 10 permit ip 192.168.146.0 0.0.1.255
A. Access-list 10 permit ip 192.168.148.0 0.0.1.255

Explanation

The two ACL statements that would allow traffic from the specified networks are "access-list 10 permit ip 192.168.146.0 0.0.1.255" and "access-list 10 permit ip 192.168.148.0 0.0.1.255". The first statement allows traffic from the network 192.168.146.0 to 192.168.147.255, which includes all hosts in that network. The second statement allows traffic from the network 192.168.148.0 to 192.168.149.255, which includes all hosts in that network. Together, these two statements cover all the specified networks and allow traffic from hosts within them.

Rate this question:

5
10.

A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?
- Reflexive
- Extended
- Standard
- Dynamic
Correct Answer

A. Dynamic

Explanation

A dynamic ACL can be used to allow temporary entry for a remote user with a specific username and password. Dynamic ACLs are created dynamically and can be modified or deleted based on certain conditions or events. In this case, the network engineer can create a dynamic ACL that allows access for the remote user with the specific username and password, and then remove or modify the ACL once the temporary access is no longer needed.

Rate this question:

1

Quiz Review Timeline (Updated): Dec 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Dec 21, 2023

Quiz Edited by
ProProfs Editorial Team
Mar 17, 2015

Quiz Created by
Rap

CCNA – The IT Certification Exam About Computer Security Quiz

The standard access lists are ranged from 101 to 199 and from 1100 to 1199.

Quiz Preview

Which item represents the standard IP ACL?

The authentication process is completed by the router or central access.

There can be any number of inbound access lists on an interface, irrespective of other details.

On which options are standard access lists based?

Refer to the exhibit.An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?

Which statement about access lists that are applied to an interface is true?

A network administrator is configuring ACLs on a Cisco router to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two)

A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?