Thursday, April 28, 2016

CCNAv2 Chapter 9 Quiz Answers (100%)

Chapter 9 Quiz (100%)
CCNAv2 (v5.0)

Greetings, and welcome to Seeseenayy.
Below are the answers (this time) to the CCNA2  chapter 9 quiz. 

If there is missing or incorrect information, please correct it in the comments.
Thanks!



ACLs are used primarily to filter traffic. What are two additional uses of ACLs? (Choose two.):

specifying internal hosts for NAT
 

identifying traffic for QoS
 
reorganizing traffic into VLANs 
filtering VTP packets



Refer to the exhibit. What can be determined from this output? 
The ACL is missing the deny ip any any ACE. 
Because there are no matches for line 10, the ACL is not working. 
The ACL is only monitoring traffic destined for 10.23.77.101 from three specific hosts. 
The router has not had any Telnet packets from 10.35.80.22 that are destined for 10.23.77.101.




Refer to the exhibit. A network administrator configures a named ACL on the router. Why is there no output displayed when the show command is issued? 
The ACL is not activated. 
The ACL name is case sensitive. 
The ACL has not been applied to an interface. 
No packets have matched the ACL statements yet.



Refer to the exhibit. A network administrator is configuring an ACL to limit the connection to R1 vty lines to only the IT group workstations in the network 192.168.22.0/28. The administrator verifies the successful Telnet connections from a workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after the ACL is applied to the interface Fa0/0, Telnet connections are denied. 
What is the cause of the connection failure? 
The permit ACE specifies a wrong port number. 
The enable secret password is not configured on R1. 
The login command has not been entered for vty lines. 
The IT group network is included in the deny statement. 
The permit ACE should specify protocol ip instead of tcp.

Which series of commands will cause access list 15 to restrict Telnet access on a router? 
R1(config)# line vty 0 4 
R1(config​-line)# access-class 15 in 

R1(config)# line vty 0 4 
R1(config​-line)# ip access-group 15 in 

R1(config)# int gi0/0 
R1(config​-if)# access-class 15 in 

R1(config)# int gi0/0 
R1(config​-if)# ip access-group 15 in

Which two statements are correct about extended ACLs? (Choose two) 
Extended ACLs use a number range from 1-99. 
Extended ACLs end with an implicit permit statement. 
Extended ACLs evaluate the source and destination addresses. 
Answer Port numbers can be used to add greater definition to an ACL.



Refer to the exhibit. This ACL is applied on traffic outbound from the router on the interface that directly connects to the 10.0.70.5 server. A request for information from a secure web page is sent from host 10.0.55.23 and is destined for the 10.0.70.5 server. Which line of the access list will cause the router to take action (forward the packet onward or drop the packet)? 
2
3
4
5
the deny ip any any that is at the end of every ACL

In applying an ACL to a router interface, which traffic is designated as outbound?
traffic that is coming from the source IP address into the router 
traffic that is leaving the router and going toward the destination host
traffic that is going from the destination IP address into the router
traffic for which the router can find no routing table entry


What is the effect of the established parameter in an extended ACL? 
blocks all incoming traffic from reaching a network 
allows external traffic into a network only if it is part of an existing connection with an internal host 
allows external sources to send unsolicited requests for information to source IP addresses in the network 
allows traffic from a permitted source address to go to any destination outside the network

Which range represents all the IP addresses that are affected when network 10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE? 
10.120.160.0 to 10.127.255.255 
10.120.160.0 to 10.120.167.255 
10.120.160.0 to 10.120.168.0 
10.120.160.0 to 10.120.191.255




Refer to the exhibit. A network administrator wants to create a standard ACL to prevent network 1 traffic from being transmitted to the Research and Development network. On which router interface and in which direction should the standard ACL be applied? 
R1 Gi0/0 inbound 
R1 Gi0/0 outbound 
R1 S0/0/0 outbound 
R2 S0/0/0 inbound 
R2 Gi0/0 outbound
R2 Gi0/0 inbound

Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to accessing the routing table? 
ipv6 access-class ENG_ACL in 
ipv6 access-class ENG_ACL out 
ipv6 traffic-filter ENG_ACL in 
ipv6 traffic-filter ENG_ACL out

Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet? 
access-list 103 deny tcp host 192.168.10.0 any eq 23 
access-list 103 permit tcp host 192.168.10.1 eq 80 

access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1 
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet​​

 access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
 access-list 103 deny tcp ​192.168.10.0 0.0.0.255 any eq 23 

access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80 
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23


Refer to the exhibit. A network administrator is configuring a standard IPv4 ACL. What is the effect after the command no access-list 10 is entered? 
ACL 10 is disabled on Fa0/1.
ACL 10 is removed from the running configuration. 
ACL 10 will be disabled and removed after R1 restarts. 
ACL 10 is removed from both the running configuration and the interface Fa0/1.

In the creation of an IPv6 ACL, what is the purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns?
to allow IPv6 to MAC address resolution 
to allow forwarding of IPv6 multicast packets 
to allow automatic address configuration 
to allow forwarding of ICMPv6 packets

4 comments:

Feel free to comment if you have a question, commendation, or concern. We love to hear your feedback!

Please do not share links to external websites if it not relevant to discussion. We reserve our right to remove any content we deem advertising.