RE: Access-list , Cisco exam question [7:41]

Tue, 10 Apr 2001 08:14:24 -0700 

Poorly worded,
I would have answered (C); because of the keyword (to).

But I guess it depends!
What I see this access list doing is:  allowing return packets of any telnet
session established from 172.16.x.x to _any_ other network.

If 172.16.x.x is an external network, then I might (struggle &) say (D).  
Then what the access-list is really saying, and I am assuming that it is
applied on in interface as "in", is that any telnet session created from
internal network to the 172.16.x.x net may come back in (established).  And
any telnet session created to another network (172.31.x.x) would not be
allowed--return packets dropped, but the initial outgoing packet to
establish the connection would go out to 172.31.x.x.


If 172.16.x.x is an internal network, then I would say (C).
Then the access-list would be saying, and with another assumption that it is
also applied on an interface as "in", is that any telnet session return
packets may come back to the 172.16.x.x (established). 

established :   For the TCP protocol only; indicates an 
                established connection. A match occurs 
                if the TCP datagram has the ACK or RST 
                bits set. The nonmatching case is that of 
                the initial TCP datagram to form a connection.
 

HTH,
TroyC



-----Original Message-----
From: Arthur Simplina [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 10, 2001 3:49 AM
To: [EMAIL PROTECTED]
Subject: Access-list , Cisco exam question [7:41]


What is the result of the command?

access-list 101 permit tcp any 172.16.0.0 0.0.255.255 establisbed

a. telnet sessions will be denied if initiated from any address other than
172.16.0.0 network
b. telnet sessions will be denied to the 172.16.0.0 network only
c. telnet sessions will be permitted regardless of the source address
d. telnet sessions will be permitted to the 172.16.0.0 network only
e. telnet sessions will be denied regardless of the source address
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=68&t=41
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to