ACL试题（国外英文资料）.doc

ACL试题（国外英文资料） In the control list configuration, the operator gt portnumber indicates that the control is (b) The port number is less than this number The port number is greater than this number The port number is the service of this number The port number is not the service of this number 2) on a router is configured with the following access an access list - the list 4 deny 55 access - the list 4 permit 55 said: (c) A. Only prohibit all access to the source address of Only allow the destination address of for all access C. check the source IP address and prohibit the host on the segment, but allow the host on the segment D. check the destination IP address and prohibit the host of segment, but allow the host of segment The following configuration for the firewall: Firwell enable The port configuration is as follows Interface Serial0 IP address Encapsulation PPP NAT enable Interface Ethernet0 IP address 0.1, The internal network of the company is connected to Ethernet0, which accesses the Internet via the address translation at Serial0. If you want to prohibit all hosts from accessing /16, you can access other sites. The following configuration meets the requirements: (AD) A. access-list 1 deny 0.255.255 in Serial0: access-group 1 in B. access-list 1 deny 0.255.255 in Serial0: access-group 1 out C. access-list 101 deny IP any .255.255 in Ethernet0: access-group 101 in D. access-list 101 deny IP any .255.255 in Ethernet0: access-group 101 out A access control list 1 is configured on the Qudway router and enables a firewall. You now need to filter all the packets that are entered using the Serial0 interface. The following can be achieved by (e) In global mode configuration: firewall 1 serial0 in In the global mode configuration: access-group 1 serial0 out In the interface mode configuration of Serial0: access-group 1 in In the interface mode configuration of Serial0: access-group 1 out The interface pattern configuration for Serial0: IP access-group 1 in