Question 1: Which of the following must be configured on a router in order to deny packets based on specific tests? (A. Access lists ) B. RIP C. IGRP D. Source routing Question 2: When using a standard access list, which of the following criteria can routers use for filtering packets? A. MAC address B. Port numbers C. Specific protocols (D. Source address ) Question 3: Along with the packet type, Cisco IOS access lists also check what? A. Physical layer headers (B. Upper layer headers ) C. Lower layer headers D. Data link headers Question 4: What is a possible use of ACLs? A. Increased network traffic B. Decreased security (C. Packet filtering ) D. Decreased latency Question 5: Which order are the statements in an access list processed to determine whether packets should be processed or discarded? A. From bottom of the list up B. In random order C. By prioritizing the incoming packets (D. In sequential order ) Question 6: What happens to a packet that does not match any of the tests in an access list? (A. It is discarded. ) B. It is sent to the recipient. C. It is stored until the access list is updated. or(D. It is returned to the sender. ) Question 7: What is the final step in implementing an access list? ( A. Apply the access list to one or more interfaces. ) B. Set the parameters for the access list tests. C. Determine the state of the access list. D. None of the above Question 8: Which type of access list uses the number range 100-199? A. IPX standard B. AppleTalk C. IP standard ( D. IP extended ) Question 9: IP access lists use which of the following to determine which address bits are examined? A. Subnet masks B. Network masks C. Host IDs (D. Wildcard bits ) Question 10: A wildcard mask bit of "1" means that the corresponding bit must be ___________. A. checked ( B. ignored ) C. deleted D. passed Question 11: What would the wildcard mask be to deny traffic only on network 195.67.52.0? A. 0.0.255.255 B. 255.255.255.0 (C. 0.0.0.255 ) D. 255.255.0.0 Question 12: In an access list, what word can replace 0.0.0.0 255.255.255.255? A. Permit B. Accept ( C. Any ) D. All Question 13: When checking a specific address in an access list, you can abbreviate the address and mask 0.0.0.0 by entering the word ________. A. permit B. deny C. any (D. host ) Question 14: Which type of access list would permit or deny part of a protocol suite? ( A. Standard ) B. General C. Specific D. Extended Question 15: Which command is used to keep track of how many packets were permitted or denied based on an access-list? A. eq B. establish C. ack ( D. log ) Question 16: If you do not specify inbound or outbound on an access list, how will it be applied? A. Inbound B. Outbound C. Both inbound and outbound (D. It will not be applied ) Question 17: What does the following access list do? access-list 1 deny host 172.16.4.13 access-list 1 permit 0.0.0.0 255.255.255.255 int e0 ip access-group 1 A. Blocks packets originating from 172.16.4.13 from going out port E0, but permits all other traffic B. Blocks packets originating from anywhere except 172.16.4.13 from going out port E0 C. Permits traffic originating from anywhere except 172.16.4.13 to send FTP packets into port E0 (D. This is an invalid access list ) Question 18: Which wildcard mask would match the host range for the subnet 192.16.5.32 /27? A. 0.0.0.32 B. 0.0.0.63 C. 0.0.63.255 ( D. 0.0.0.31 ) Question 19: What type of access list would you use to permit or deny specific protocols within the IP suite? A. Extended B. Protocol suite C. Specific (D. Standard ) Question 20: Which port number is used for DNS? ( A. 21 ) B. 33 C. 52 D. 53 Question 21: Which extended ACL parameter allows you to set the acknowledgement bit? ( A. eq ) B. ack C. established D. bit set Question 22: Which ACL would permit everyone to telnet to router 192.168.5.2? B. router-a#access-list 102 permit ip any host 192.168.5.2 eq 23 ( D. router-a#access-list 102 permit tcp any host 192.168.5.2 eq 23 ) Question 23: Where should standard access lists be set? ( A. Close to the source ) B. Close to the destination C. On any router in the network D. Midway between source and destination Question 24: Access lists can be applied to traffic flowing in which direction? A. Inbound only ( B. Both inbound and outbound ) C. Outbound only D. Serial only Question 25: Which Cisco IOS command allows you to view the placement of an access list? A. show access list B. show access-group ( C. show ip interface ) D. show interface