Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

CCNA Exam: ACL

Posted on 2009-04-24
6
Medium Priority
?
968 Views
Last Modified: 2012-06-21
Hi,

1) This is related to one of the CCNA's prep test
2) It is related to Access Control List
3) The question: The access control list shown in the graphic (please see the attached file) has been applied to the Ethernet Interface of Router R1 using "the ip access-group 101 in" command. Which of the following Telnet Sessions will be blocked by thi ACL? (Choose two)
4) The ACL are as follows:
access-list 101 deny tcp 5.1.1.8 0.0.0.3 5.1.3.0 0.0.0.255 eq telnet
access-list 101 permit ip any any
5) The given answers: i) From host A to host 5.1.3.10, ii) and from host B to host 5.1.3.8
6) My questions: Could you explain why these two given answers are Correct?
7) Thank you

Tjie
ACL5001.jpg
0
Comment
Question by:tjie
  • 3
  • 2
6 Comments
 
LVL 23

Accepted Solution

by:
that1guy15 earned 2000 total points
ID: 24228912
"access-list 101 deny tcp 5.1.1.8 0.0.0.3 5.1.3.0 0.0.0.255 eq telnet
access-list 101 permit ip any any"

Says:

deny any originating host from 5.1.1.8 - 5.1.1.15 (invert mask 0.0.0.3) from reaching the subnet 5.1.3.0/24 (0-254) using Telnet
Then allow anything that does not meet that criteria.

So Host A (5.1.1.8) and Host B (5.1.1.10) fall in the first statement and will be denied telnet access to the 5.1.3.0 subnet.


Make sense?
0
 

Author Comment

by:tjie
ID: 24228980
- What does the meaning " From host A to host 5.1.3.10"?

- and also " and from host B to host 5.1.3.8" ?
0
 
LVL 23

Expert Comment

by:that1guy15
ID: 24229014
This is referencing Telneting from Host A to the IP address 5.1.3.10 and from Host B to 5.1.3.8

ACLs always list the originating IP or host first and the destination Ip or host second
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 10

Expert Comment

by:TakedaT
ID: 24229059
Wouldnt 5.1.1.8/30 = the mask 0.0.0.3 or 255.255.255.252 make 5.1.1.8 a network with 4 addresses and not 8?  Either way, those answers look correct as they fall under that range.

FYI, I have run into a few questions on the cisco press CCNA practice exams that said things were right that were actually wrong.  Be carefull not to let them confuse you.
0
 
LVL 10

Expert Comment

by:TakedaT
ID: 24229131
And no points plz as that1guy15 explained it just fine.
0
 
LVL 23

Expert Comment

by:that1guy15
ID: 24229147
Good call TakedaT. That is what i get for not double checking my work :) Sorry Tjie

I agree about practice exams and the questions study material provide (especially Cisco Press). I still use these practice questions though but I never trust an answer they give me. I always try to prove them wrong. This helps me solidify my knowledge of the test subjects.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question