If you wanted to deny all Telnet connections to only network 192.168.10.0, which command could you use?
Options
A. access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet
B. access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet
C. access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23
D. access-list 100 deny 192.168.10.0 0.0.0.255 any eq 23
Correct Answer
access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23
Explanation
The extended access list ranges are 100-199 and 2000-2699, so the access-list number of 100 is valid. Telnet uses TCP, so the protocol TCP is valid. Now you just need to look for the source and destination address. Only the third option has the correct sequence of parameters. Answer B may work, but the question specifically states "only" to network 192.168.10.0, and the wildcard in answer B is too broad.
More questions
1. What is the purpose of flow control?
Options
A. To ensure that data is retransmitted if an acknowledgment is not received.
B. To reassemble segments in the correct order at the destination device.
C. To provide a means for the receiver to govern the amount of data sent by the sender.
If you are on a 2950 switch, then the interface command is just
switchport mode trunk, since the 2950 can only run the IEEE 802.1Q version. However, a 3550 can run both ISL and 802.1Q, so you must use the encapsulation command. The argument to choose 802.1Q for a trunking protocol is
dot1q.
4. To test the IP stack on your local host, which IP address would you ping?
Loopback interfaces are created on a router, and the highest IP address on a loopback (logical) interface becomes the RID of the router but has nothing to do with areas and is optional, so (1) is wrong. The numbers you can create an area with are from 0 to 4,294,967,295 option (2) is wrong. The backbone area is called area 0, so option (3) is correct. All areas must connect to area 0, so option (5) is correct. If you have only one area, it must be called area 0. This leaves option (4), which must be correct; it doesn't make much sense, but it is the best answer.
This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, etc. The host is in the 64 subnet.
10. What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table?
Options
A. Forwards the switch to the first available link
B. Drops the frame
C. Floods the network with the frame looking for the device
D. Sends back a message to the originating station asking for a name resolution
Correct Answer: Floods the network with the frame looking for the device
Explanation:
Switches flood all frames that have an unknown destination address. If a device answers the frame, the switch will update the MAC address table to reflect the location of the device.