New CCNA – Access list Questions
Note: If you are not sure about access lists, please read our Access List Tutorial.
Question 1
Which item represents the standard IP ACL?
A. access-list 50 deny 192.168.1.1 0.0.0.255
B. access-list 110 permit ip any any
C. access-list 2500 deny tcp any host 192.168.1.1 eq 22
D. access-list 101 deny tcp any host 192.168.1.1
Answer: A
Explanation
Standard access lists are numbered from 1 to 99 and from 1300 to 1999, so only access list 50 is a standard access list.
Question 2
A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two)
A. access-list 10 permit ip 192.168.146.0 0.0.1.255
B. access-list 10 permit ip 192.168.147.0 0.0.255.255
C. access-list 10 permit ip 192.168.148.0 0.0.1.255
D. access-list 10 permit ip 192.168.149.0 0.0.255.255
E. access-list 10 permit ip 192.168.146.0 0.0.0.255
F. access-list 10 permit ip 192.168.146.0 255.255.255.0
Answer: A C
Question 3
Refer to the exhibit.
ACL 102
access-list 102 deny tcp 172.21.1.1 0.0.0.255 any eq 80
access-list 102 deny ip any any
RouterA#show ip int
An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?
A. no ip access-class 102 in
B. no ip access-class 102 out
C. no ip access-group 102 in
D. no ip access-group 102 out
E. no ip access-list 102 in
Answer: D
Question 4
On which options are standard access lists based?
A. destination address and wildcard mask
B. destination address and subnet mask
C. source address and subnet mask
D. source address and wildcard mask
Answer: D
Question 5
Refer to the exhibit.
ACL 10
Statements are written in this order:
A. permit any
B. deny 172.21.1.128 0.0.0.15
C. permit 172.21.1.129 0.0.0.0
D. permit 172.21.1.142 0.0.0.0
Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound, to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?
A. ACDB
B. BADC
C. DBAC
D. CDBA
Answer: D
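The first-match evaluation behind Question 5 and the wildcard-mask arithmetic behind Question 2, as an added example that is not part of the original page: a small Python model of a standard ACL, not IOS code. The function names and probe addresses are constructed for illustration.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; bits set to 0 must equal the base.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

def evaluate(acl, src):
    """Standard ACL: the first matching entry decides; no match is the implicit deny."""
    for action, base, wildcard in acl:
        if matches(src, base, wildcard):
            return action
    return "deny"

# Question 5 statements ("any" is 0.0.0.0 with wildcard 255.255.255.255)
A = ("permit", "0.0.0.0", "255.255.255.255")
B = ("deny", "172.21.1.128", "0.0.0.15")
C = ("permit", "172.21.1.129", "0.0.0.0")
D = ("permit", "172.21.1.142", "0.0.0.0")

# Question 2 answers A and C
Q2 = [("permit", "192.168.146.0", "0.0.1.255"),
      ("permit", "192.168.148.0", "0.0.1.255")]

def probe(acl, sources):
    return {src: evaluate(acl, src) for src in sources}

if __name__ == "__main__":
    q5_sources = ["172.21.1.129", "172.21.1.135", "172.21.1.142", "10.0.0.1"]
    # As entered: "permit any" matches first, so B, C and D are never reached.
    print("ABCD", probe([A, B, C, D], q5_sources))
    # Re-ordered: host permits, then the subnet deny, then permit any.
    print("CDBA", probe([C, D, B, A], q5_sources))
    # Two /23 blocks cover 146-149 and nothing else.
    print("Q2  ", probe(Q2, [f"192.168.{n}.9" for n in range(145, 151)]))
    # Option B's wildcard 0.0.255.255 ignores the last two octets entirely.
    print("opt B matches 192.168.1.1:",
          matches("192.168.1.1", "192.168.147.0", "0.0.255.255"))
```
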
Question 6
Which statement about access lists that are applied to an interface is true?
A. you can apply only one access list on any interface
B. you can configure one access list, per direction, per layer 3 protocol
C. you can place as many access lists as you want on any interface
D. you can configure one access list, per direction, per layer 2 protocol
Answer: B
Explanation
We can have only one access list per protocol, per direction and per interface. This means:
+ We cannot have 2 inbound access lists on an interface
+ We can have 1 inbound and 1 outbound access list on an interface
Question 7
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?
A. reflexive
B. extended
C. standard
D. dynamic
Answer: D
Explanation
We can use a dynamic access list to authenticate a remote user with a specific username and password. The authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server. The configuration of dynamic ACL can be read here: http://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.shtml
dear all
regarding question 6 which is
Which statement about access lists that are applied to an interface is true?
A. you can apply only one access list on any interface
B. you can configure one access list, per direction, per layer 3 protocol
C. you can place as many access lists as you want on any interface
D. you can configure one access list, per direction, per layer 2 protocol
Answer: B
The answer is weird to me because of the “per layer 3 protocol” part. I reviewed the protocol keywords that extended ACLs use, like igmp, tcp, udp, ip, eigrp, icmp, but UDP and TCP are not layer 3 protocols, so how is this answer right?
Answer B is correct because in the old days we used to set IPX standard and extended access control lists, among other legacy layer 3 protocols such as AppleTalk and DECnet. ;-)
Answer B is correct. This for routed protocols such as IPv4, IPv6 or old IPX
Q3 & 7 in my exam today. Passed
Q6 in my exam today . Passed
Hi,
Can someone explain the Q.2 briefly please?
Hi Ali,
access-list 10 permit ip 192.168.146.0 0.0.1.255 >>> means that it allows IPs from .146 to .147 since it uses 0.0.1.255: the .1 in the 3rd octet of the wildcard mask, 255-1 = 254 (meaning an increment of 2), and in the 4th octet 255 means any, so it allows networks 192.168.146.0 and 192.168.147.0. I hope you understand it. It is really hard for me to explain -_-
Q3 & 7 today. Praise allah for i have passed
Q5: I think the question is wrong. How can the access list end with permit any when he wants to prevent all hosts except those two IPs, as he describes??? Can anyone explain it for me please?
“permit 172.21.1.129 0.0.0.0” allow first host
“permit 172.21.1.142 0.0.0.0” allow last host
“deny 172.21.1.128 0.0.0.15” prevent all hosts
“permit any” allow all other traffic
You have to put permit any any at the end of the access list because the default end of an access list is deny any any
Also correct answer would be DCBA
What’s ACL1Y2 mode 3 ? Pleaseeeeee
q1,2,4,6,7 yesterday. passed!
Q3, Q7 on 15th Feb.
Hello!
Can any one explain to me Q2?
thanks a lot
@noor, only summary on two networks
192.168.146.0, 192.168.147.0 ….. summary 1 acl 1
192.168.148.0, 192.168.149.0….. summary 2 acl 2
Pass today 890 Thanks….
Q2 explanation:
Convert IP to binary:
1. 192.168.146.0, 192.168.147.0
192.168.146.0 — 1001 0010
192.168.147.0 — 1001 0011
==> summary address: 1001 001X = 192.168.146.0 /23 (first 2 octets combined are
16 bits, the 3rd octet has 7 bits for total of 23 bits or /23)
Wildcard for /23 = 0.0.1.255 hence the first ACL covers 192.168.146.0 0.0.1.255
2. 192.168.148.0, 192.168.149.0
192.168.148.0 — 1001 0100
192.168.149.0 — 1001 0101
==> summary address: 1001 010X = 192.168.148.0 /23 (first 2 octets combined are
16 bits, the 3rd octet has 7 bits for total of 23 bits or /23)
Wildcard for /23 = 0.0.1.255 hence the second ACL covers 192.168.148.0 0.0.1.255
Thanks to 9 tut I passed today with 972/1000 all question from 9tut
Passed yesterday with score 1000 Thank God
The exam was 51 questions, only one drag and drop about cable types, all questions are very easy just similar to 9tut.
The lab simulations were Eigrp , ACL1 (similar to 9tut exactly) and ACL2 (modification 3 but with host B to access the finance server)
Good luck for everyone, just be relaxed its very very easy :)
questions3,7 were in it
Can anyone tell me which chapter's questions appear in the CCNA exam???
Mostly which chapter???
Passed my CCNA exam today (18th Mar)… Q2, Q4 and Q7 in exam
How many times can you retake CCNA after you fail???
hello 9tut. question:
the only deceiving part of question #2 is the following:
/23= 255.255.254.0
128 subnets/ block size=2
192.168.146.0 network covers from 192.168.146.1-192.168.147.254
192.168.148.0 network covers from 192.168.148.1-192.168.149.254
Technically, 192.168.147.0 is not a network because it resides in the network 192.168.146.0
I was able to figure the answer out based solely on the wildcard mask, and process of elimination
Am I missing something because the question phrases it as “hosts on network 192.168.147.0”
this is a bit deceiving
Q1,Q5
Hey 213, look at what you put as the network IP.. that is what is wrong
You're using the wrong network IP
3 private IP’s for the LAN Host
Host A 192.168.25.3
Host B 192.168.25.4
******************Host C 192.168.25.5
2 Public IP addresses
198.18.188.25
198.18.188.26
2 Servers were on
172.16.25.5
172.16.25.4
Q1. Write an Access list that will allow host C to access the Finance accounting server via HTTP.
Q2.Other LAN hosts should not access the Finance accounting server but can access the Public web server
Q3. Hosts from the core network should not also access the Finance accounting server but can access the rest.
I tried creating an ACL with the commands below but always got an error:
under config mode:
#access-list 1 permit tcp 192.168.25.5 0.0.0.3 eq 80
#access-list 1 permit 192.168.25.5 0.0.0.3
#access-list 1 permit 192.168.25.5 0.0.0.3 eq 80
#access-list 1 permit tcp 192.168.25.5 0.0.0.3 eq80
#access-list 1 permit 192.168.25.5 0.0.0.3 eq80
Got error on the above.
hey 213
you are leaving out .3 and .4 hosts … with that network statement..
please tell me the exam pattern as below:-
1.Number of questions
2.Time of exam in hours
3.marks
4.if there is questions set
In Q3 the answer is no ip access-group 102 out. I think they mean there is no such ACL active on the interface. Look at the lesson explanation by clicking on the link at the beginning of the page and you will understand.
Justin13, do not get confused by the phrase “hosts on network 192.168.147.0”. Any IP address can stand for a Host or a Network address, depending on the mask applied. An address with a mask ff.ff.ff.ff can be considered as a Host only. 192.168.147.0 ff.ff.ff.0 is a Network address, whereas 192.168.147.0 ff.ff.fe.0 is a Host address.
Thank you Agya. It's possible I am too literal, but I still think the question is worded improperly
In your explanation you say any IP address can stand for a Host or network address, ‘depending on the mask applied’
In this case, the 255.255.254.0 mask was applied, so technically 192.168.147.0 is not a network in this subnet mask, no?
Passed CCNA on 13 April…..got 1000 marks….this is the best site
Q1,2,3,5
192.168.147.0 can be a network with a block size of 1 means with /24 prefix…
I can't understand question 2
If I try to summarize the networks 146-149, I get the block size of 1. I can't figure out why you guys are trying to summarize network 192.168.146.0 and 192.168.147.0 together and separate them from 192.168.149.0 and 192.168.149.0?…
@gidz – don't summarize. Because of the increment when you have a wildcard mask of 0.0.1.255 you're including 146-147 and 148-149 in the ACL.
For example:
192.168.146.0/23 (subnet mask 255.255.254.0 / wildcard mask 0.0.1.255)
192.168.146.1 – first host
192.168.147.254 – last host
192.168.147.255 – broadcast address
But 192.168.146.0 and 192.168.147.0 were stated as networks, right?
Hello guys, those who said they passed the exam, did you guys pay the 9$ and review from there or did you just study the questions here for free?
Passed today. Thanks a lot to 9tut. EIGRP troubleshooting lab and both ACL labs came.