A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()A、access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyB、access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23 access-list 101 permit ip any anyC、access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21 access-list 1 permit ip any anyD、access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23 access-list 1 permit ip any any

A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?()

  • A、access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23  access-list 101 permit ip any any
  • B、access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23  access-list 101 permit ip any any
  • C、access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21  access-list 1 permit ip any any
  • D、access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23  access-list 1 permit ip any any

相关考题:

The Ezonexam network administrator wants to use a router named VE1 to segment the local network. What are some of the advantages of using VE1 to segment the network? (Choose two)A. Routers generally cost less than switchesB. Filtering can occur based on Layer 3 informationC. Broadcasts are not forwarded across the routerD. Broadcasts are eliminatedE. Adding a router to the network decreases latencyF. Routers can generally support more LAN ports than switches

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?A. BPDUB. Port securityC. RSTPD. STPE. VTPF. Blocking mode

An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections.Which of the following MUST be deployed?() A.IDSB.IPSC.FirewallD.Managed PKI

A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()A. WEP encryptionB. Channel rotationC. Disable SSIDD. WPA encryption

An administrator wants to limit access of a wireless network without requiring authorized users toenter a password or network key.Which of the following methods would MOST likely be implemented on the wireless network?()A. Disable SSIDB. WPAC. MAC filteringD. RAS

An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?() A.netstatB.tracerouteC.nbtstatD.ping

A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?()A、Logging detect fail-loginB、Login on-failure logC、Login detect login-failure logD、Logging login on-failureE、none of the above

A network administrator needs to configure port security on a switch.which two statements are true?()A、The network administrator can apply port security to dynamic access portsB、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.C、The sticky learning feature allows the addition of dynamically learned addresses to the runningconfiguration.D、The network administrator can apply port security to EtherChannels.E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

An administrator has added a new device to a system and wants to determine if it has been correctly added to the ODM database. Which command would the system administrator use?()A、odmgetB、odmaddC、odmshowD、odmcreate

A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()A、BPDUB、Port securityC、RSTPD、STPE、VTPF、Blocking mode

A network administrator needs to configure port security on a switch.which two statements are true?()A、The network administrator can apply port security to dynamic access portsB、The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.C、The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.D、The network administrator can apply port security to EtherChannels.E、When dynamic mac address learning is enabled on an interface,the switch can learn new addresses,up to the maximum defined.

An administrator wants to test the network MTU. Which of the following commands allows differentsize packets to be sent?()A、netstatB、tracerouteC、nbtstatD、ping

An administrator has purchased monitoring software that can be configured to alert administrators when hardware and applications are having issues.  All devices are configured with SNMP, but the administrator wants to further secure the SNMP traffic.  Which of the following settings would BEST provide additional monitoring security?()A、Setting up a custom community nameB、Configuring the network to block traffic on port 161C、Configuring the Windows Firewall to block port 161D、Setting SNMP to read only on the devicesE、Installing new MIBs

An administrator wants to be alerted when a network-based attack is underway, but the company policy prohibits blocking or dropping network connections. Which of the following MUST be deployed?()A、IDSB、IPSC、FirewallD、Managed PKI

An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network. Which of the following would allow the administrator to do this?()A、NIPSB、HoneypotC、DMZD、NIDS

An AIX server is configured with a static IP address but the system administrator wants the server to give out IP addresses for clients who want to use the dynamic host configuration protocol instead of static IP addresses.How is this accomplished?()A、Use SMIT to have the server use DHCP instead of a static addressB、Edit /etc/rc.tcpip and start the dhcpsd daemonC、Use the network options command to enable ipforwardingD、Edit /etc/rc.net to set network options back to default

A network administrator wants to analyze the historical performance of the servers in the organization and forecast the system performance needs into the future.  Which add-on component of IBM Director would be used to assist with this task?()A、Capacity ManagerB、Resource MonitorsC、System AvailabilityD、System Performance Monitor

An AIX server has 2 network interfaces and the system administrator wants to enable the users on the locally configured network interface to be able to connect to systems configured on the global network interface.  How is it accomplished?()A、Enable routed on the serverB、Enable gated on the serverC、Enable ipforwarding on the serverD、Set network options back to default

单选题A company wants to secure access to its internal wireless network. The company wants to use themost secure means to access the network. Which of the following is the BEST choice for wireless security in this situation?()AWEP encryptionBChannel rotationCDisable SSIDDWPA encryption

单选题A network administrator wants to permit Telnet traffic initiated from the address book entry the10net in azone called UNTRUST to the address book entry Server in a zone called TRUST.However, the administrator does not want the server to be able to initiate any type of traffic from the TRUSTzone to the UNTRUST zone. Which configuration would correctly accomplish this task?()A AB BC CD D

单选题A network administrator wants to verify the active alarms on interface so-0/0/0. Which command displays this information?()Ashow interfaces alarmsBshow interfaces terseCshow alarms extensiveDshow interfaces extensive

单选题The administrator wants to backup the existing VIO server software and its current configuration before applying an update.  What command will the administrator use to backup the VIO server software so that the backup can be restored from a Network Installation Manager (NIM) server or a Hardware Management Console (HMC)?()A mksysb -t vio /mountpointB backupios -file /mountpointC mksysb -i /mountpoint/vio.mksysbD backupios -mksysb -file /mountpoint/vio.mksysb

单选题An administrator wants to limit access of a wireless network without requiring authorized users to enter a password or network key. Which of the following methods would MOST likely be implemented on the wireless network?()ADisable SSIDBWPACMAC filteringDRAS

单选题A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?()ABPDUBPort securityCRSTPDSTPEVTPFBlocking mode

单选题A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?()ALogging detect fail-loginBLogin on-failure logCLogin detect login-failure logDLogging login on-failureEnone of the above

多选题An administrator has purchased monitoring software that can be configured to alert administrators when hardware and applications are having issues. All devices are configured with SNMP, but the administrator wants to further secure the SNMP traffic. Which of the following settings would BEST provide additional monitoring security?()ASetting up a custom community nameBConfiguring the network to block traffic on port 161CConfiguring the Windows Firewall to block port 161DSetting SNMP to read only on the devicesEInstalling new MIBs

单选题You are the network administrator for The network consists of a single Active Directory domain. The domain contains 20 Windows Server 2003 computers and 400 Windows XP Professional computers. Software Update Services (SUS) is installed on a server named Testking2. The network security administrator wants you to ensure that the administrative password is not compromised when an administrator connects to Testking2's SUSAdmin Web site remotely by using HTTP. You want only SSL to be used to connect to the SUSAdmin Web site. The network security administrator creates a digital certificate and enables communication for SSL on port 443 of Testking2. However, administrators are still able to connect to the SUSAdmin Web site by using HTTP. You need to ensure that communication to the SUSAdmin Web site is always secure. What should you do?()ADisable port 80 on the SUSAdmin Web site.BRequire 128-Bit SSL on all directories related to the SUSAdmin Web site.CChange the default Web site to require 128-Bit SSL.DEnable IPSec on Testking2 with the Request Security IPsec template.

单选题You are the network administrator at TestKing. TestKing has been provided withthe network address 165.100.27.0/24. The TestKing CEO wants to know how many subnetworks this address provides, and how many hosts can be supported on each subnet. What would your reply be?()AOne network with 254 hosts.B254 networks with 254 hosts per network.C65,534 networks with 255 hosts per network.D30 networks with 64 hosts per network.E254 networks with 65,534 per network.