Answers to Review Questions
463
Answers to Review Questions
1.
B. Wildcards are used to specify a range of subnets. 31 is a wildcard
used to filter a block size of 32. The IP address subnet starts at 32 and
uses a block size of 32, so the subnets filtered are 3263.
2.
B. Wildcards are used to specify a range of subnets. 63 is a wildcard
used to filter a block size of 64. The IP address subnet starts at 64 and
uses a block size of 64, so the subnets filtered are 64127.
3.
A. Standard IP access lists use only source IP addresses to filter a
network.
4.
C, D. Extended IP access lists use source and destination IP
addresses, the protocol field in the Network layer header, and the port
number in the TCP header.
5.
B. Standard access lists should be placed closest to the destination
and extended access lists should be placed closest to the source.
6.
A. Standard access lists should be placed closest to the destination
and extended access lists should be placed closest to the source.
7.
A. Standard IP access lists are numbered 199.
8.
B. Extended IP access lists are numbered 100199.
9.
C. Adding switches by themselves provides no security. Access lists
are applied at the distribution layer. Port security at the access layer
stops users from attaching into any port on a switch.
10.
A. Use
the
access-class number in/out
command to set an access
list on a VTY line.
11.
A. Use the
ip http access-class number
command to set an
access list on an HTTP server.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com