CCNA – The IT Certification Exam About Computer Security Quiz
(251).jpg "CCNA The IT Certification Exam About Computer SecurITy Quiz - Quiz")
Looking for an IT certification practice test? How about the IT certification exam for the computer security quiz? In computer security, an access-control list is a list of permissions associated with a system resource. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Let's find out your knowledge with this quiz. Wish you all the best with this test!
- 1.
Which item represents the standard IP ACL?
- A.
Access-list 50 deny 192.168.1.1 0.0.0.255
- B.
Access-list 110 permit IP any any
- C.
Access-list 2500 denies tcp any host 192.168.1.1 eq 22
- D.
Access-list 101 denies tcp any host 192.168.1.1
Correct Answer
A. Access-list 50 deny 192.168.1.1 0.0.0.255Explanation
The correct answer is "access-list 50 deny 192.168.1.1 0.0.0.255" because it represents a standard IP ACL. Standard IP ACLs are used to filter traffic based on source IP addresses only. In this case, the ACL is denying any traffic coming from the IP address 192.168.1.1 with a wildcard mask of 0.0.0.255, which means it will match any source IP address in the 192.168.1.0/24 range.Rate this question:
-
- 2.
A network administrator is configuring ACLs on a Cisco router to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two)
- A.
Access-list 10 permit ip 192.168.146.0 0.0.1.255
- B.
Access-list 10 permit ip 192.168.147.0 0.0.255.255
- C.
Access-list 10 permit ip 192.168.148.0 0.0.1.255
- D.
Access-list 10 permit ip 192.168.149.0 0.0.255.255
- E.
Access-list 10 permit ip 192.168.146.0 0.0.0.255
- F.
Access-list 10 permit ip 192.168.146.0 255.255.255.0
Correct Answer(s)
A. Access-list 10 permit ip 192.168.146.0 0.0.1.255
C. Access-list 10 permit ip 192.168.148.0 0.0.1.255Explanation
The two ACL statements that would allow traffic from the specified networks are "access-list 10 permit ip 192.168.146.0 0.0.1.255" and "access-list 10 permit ip 192.168.148.0 0.0.1.255". The first statement allows traffic from the network 192.168.146.0 to 192.168.147.255, which includes all hosts in that network. The second statement allows traffic from the network 192.168.148.0 to 192.168.149.255, which includes all hosts in that network. Together, these two statements cover all the specified networks and allow traffic from hosts within them.Rate this question:
-
- 3.
There can be any number of inbound access lists on an interface, irrespective of other details.
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The statement is false because there can only be one inbound access list per interface. Multiple access lists cannot be applied to the same interface in the inbound direction.Rate this question:
-
- 4.
Refer to the exhibit.An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?
- A.
No IP access-class 102 in
- B.
No IP access-class 102 out
- C.
No IP access-group 102 in
- D.
No IP access-group 102 out
- E.
No IP access-list 102 in
Correct Answer
D. No IP access-group 102 outExplanation
The correct answer is "no IP access-group 102 out". This command removes the effect of ACL 102 on outgoing traffic, allowing traffic from the subnet to pass through the interface without any restrictions.Rate this question:
-
- 5.
The authentication process is completed by the router or central access.
- A.
True
- B.
False
Correct Answer
A. TrueExplanation
The statement is true because the authentication process is indeed completed by the router or central access. These devices are responsible for verifying the identity of the user or device trying to access the network. They typically use various authentication methods such as passwords, digital certificates, or biometrics to ensure that only authorized users can gain access to the network.Rate this question:
-
- 6.
On which options are standard access lists based?
- A.
Destination address and wildcard mask
- B.
Destination address and subnet mask
- C.
The source address and subnet mask
- D.
The source address and wildcard mask
Correct Answer
D. The source address and wildcard maskExplanation
Standard access lists are based on the source address and wildcard mask. This means that when creating a standard access list, the criteria for permitting or denying traffic is determined based on the source IP address of the packets. The wildcard mask is used to specify which bits in the source address should be matched. By using the source address and wildcard mask, network administrators can control access to specific source IP addresses or ranges of addresses.Rate this question:
-
- 7.
Refer to the exhibit.Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?
- A.
ACDB
- B.
BADC
- C.
DBAC
- D.
CDBA
Correct Answer
D. CDBAExplanation
The correct order of ACL statements should be CDBA. In this order, statement C will be evaluated first, which denies access to all hosts except those with the first and last IP of subnet 172.21.1.128/28. Statement D will be evaluated next, denying access to all hosts. Statement B will then permit access to the first and last IP addresses of the subnet. Finally, statement A will permit access to all other hosts. This re-arrangement ensures that the ACL works as intended by preventing access to all hosts except the specified ones.Rate this question:
-
- 8.
The standard access lists are ranged from 101 to 199 and from 1100 to 1199.
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The statement is false because standard access lists are ranged from 1 to 99 and from 1300 to 1999, not from 101 to 199 and from 1100 to 1199.Rate this question:
-
- 9.
Which statement about access lists that are applied to an interface is true?
- A.
You can apply only one access list on any interface.
- B.
You can configure one access list, per direction, per layer 3 protocol.
- C.
You can place as many access lists as you want on any interface.
- D.
You can configure one access list, per direction, per layer 2 protocol.
Correct Answer
B. You can configure one access list, per direction, per layer 3 protocol.Explanation
You can configure one access list, per direction, per layer 3 protocol. This means that you can apply one access list to control traffic in one direction (inbound or outbound) for a specific layer 3 protocol (such as IPv4 or IPv6). This allows for granular control over the traffic that is allowed or denied on the interface based on the specified layer 3 protocol.Rate this question:
-
- 10.
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?
- A.
Reflexive
- B.
Extended
- C.
Standard
- D.
Dynamic
Correct Answer
D. DynamicExplanation
A dynamic ACL can be used to allow temporary entry for a remote user with a specific username and password. Dynamic ACLs are created dynamically and can be modified or deleted based on certain conditions or events. In this case, the network engineer can create a dynamic ACL that allows access for the remote user with the specific username and password, and then remove or modify the ACL once the temporary access is no longer needed.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Dec 21, 2023Quiz Edited by
ProProfs Editorial Team -
Mar 17, 2015Quiz Created by
Rap
Back to top