|
|
发表于 2019-4-24 16:07:24
|
显示全部楼层
本帖最后由 夜半歌声 于 2019-4-24 16:49 编辑 3 r# R, j5 K9 H
; S, c3 A( U1 u/ J! O
Question 6, `3 ?2 }* H, F) a
Refer to the exhibit
6 R* k0 U, b/ w' l FR1#show access-list. D$ \) M9 V: N9 P; r8 ]0 X
IP access-list extended Super_User. m6 D% [" g! m' `$ I0 ^4 n
1 permit ip host xxxx host xxxxx# R0 J# ^0 ]6 M7 e* l
2 permit ip host xxxx host xxxxx0 H& e2 E1 ^2 T, {1 }' h0 _
3 permit ip host xxxx host xxxxx
. m* f+ j3 Q1 X% j: w4 K2 w* Q4 u4 permit ip host xxxx host xxxxx3 g! R3 y( C4 Q: ]" o" e* k+ D
5 permit ip host xxxx host xxxxx3 E$ u* @9 E# m" z2 a) S1 r+ o
6 permit ip host xxxx host xxxxx 6 s/ l) d. s7 b/ Y: @2 O
7 permit ip host xxxx host xxxxx
0 g! v$ }7 H t- N- p" g8 permit ip host xxxx host xxxxx# {' ~4 d- D0 r4 @. k- \
9 permit ip host xxxx host xxxxx
* v( |5 u& a9 G6 `) r* F0 \ E7 U
( G% P7 t0 z. q' L! Q) o1 n- w, kWhich of the following commands inserts five additional lines to the ACL Entry Sequence between lines 3 and 4 without changing the existing configuration?
: O, j2 w- ]$ B! B* ~( R7 |A R(conf)# ip access-list resequence Super_User 1 6
2 Z# t# ?! w, [, K! \B R(conf)# ip access-list resequence Super_User 1 5
! m, Z8 \% i% @C R(conf-nacl)# ip access-list resequence Super_User 1 61 Q$ F5 n$ n f0 o6 z+ b+ }0 l% }
D R(conf-nacl)# ip access-list resequence Super_User 1 5
2 E1 \3 Z/ D* g7 w; c. z+ H; v7 ~3 n9 T5 S( h$ O
这道题目,我的答案是 A
/ J! o9 w0 k- p2 N. y, P1 J3 b
3 Y3 P& T" p! d4 S, s1 f8 w以下为测试环境展示
. d" E! ]7 S! a, m2 z$ R5 @' d- R1#sh access-lists ' [) d# R% Z. m C0 c
- Extended IP access list super_user+ x6 W w7 `6 v& P& Z
- 1 permit ip host 1.1.1.1 host 10.1.1.1
2 c( q) g) ]7 ]! Z! w - 2 permit ip host 1.1.1.1 host 10.2.2.2% D% l) d( j* x/ {& {2 G
- 3 permit ip host 1.1.1.1 host 10.3.3.3* Z! K" ]2 C$ O0 f& ~$ F
- 4 permit ip host 1.1.1.1 host 10.4.4.4
, I% `) G8 @, c+ Z7 T# } - 5 permit ip host 1.1.1.1 host 10.5.5.5 u( F+ \: v! s! s- `) a! z& x
- 6 permit ip host 1.1.1.1 host 10.6.6.6
: V- I3 H3 [' L, g; U7 D3 o) S - 7 permit ip host 1.1.1.1 host 10.7.7.7! D/ o0 K, K: m( t3 r
- 8 permit ip host 1.1.1.1 host 10.8.8.8
# V! m9 T- |% `" b - 9 permit ip host 1.1.1.1 host 10.9.9.9
1 H; N0 i, d I3 r0 p
首先验证答案 A) q6 M0 }5 [( l4 r6 A' j7 p! Y, z6 d
" `1 i2 w- r7 y* r: W% |- R1(config)#ip access-list resequence super_user 1 6
% T5 a- b2 v+ L/ e( A1 e Z# U
: X+ _ h, ?* B( L- 验证结果如下:& W8 l; L7 O1 k# Z
) i) }- D) ?- Y+ V' v" t- R1(config)#do sh access-lists
& v+ g/ F9 V. ?4 m5 _, a8 v0 ]9 ? - Extended IP access list super_user
: } I& N9 d, b9 C - 1 permit ip host 1.1.1.1 host 10.1.1.1* T% b" F' U2 C: o. n0 ^
- 7 permit ip host 1.1.1.1 host 10.2.2.2
8 |# M) K( ?5 b8 F) h: L - 13 permit ip host 1.1.1.1 host 10.3.3.34 U7 |% O ]; o5 q- U
- 19 permit ip host 1.1.1.1 host 10.4.4.4+ j0 W6 r) X, J7 o+ D7 C$ ^5 @
- 25 permit ip host 1.1.1.1 host 10.5.5.5$ }- T9 Q% j2 `) B9 Y+ ]
- 31 permit ip host 1.1.1.1 host 10.6.6.6- K% |$ d' f! ?: L) O* Q0 F
- 37 permit ip host 1.1.1.1 host 10.7.7.7
A" }) H! g c4 x& p& ^+ k1 j - 43 permit ip host 1.1.1.1 host 10.8.8.82 ` R! E, w& u* M
- 49 permit ip host 1.1.1.1 host 10.9.9.9
- V! X" h, U* V! P5 u- g; L0 D
: t9 _; P- p8 u. e7 D [" M$ w- 第3行与第4行之间可以插入 14/15/16/17/18 5条acl 语句
再来验证答案B
) I. p& i$ }0 a. l$ {- R1(config)#ip access-list resequence super_user 1 5. ^% U, U. x8 n1 ?4 y
- 0 V0 L* [ b! H
- 验证结果如下:
& |! p; F q' f0 C8 ?: t, y
" }# m- o6 c3 ^+ {) _0 O- R1(config)#do sh access-lists
Q6 p2 {$ @2 ~' f* ? - Extended IP access list super_user
8 V0 K* F" ~5 p - 1 permit ip host 1.1.1.1 host 10.1.1.1
, q: I% Q( E- y5 M! |* C - 6 permit ip host 1.1.1.1 host 10.2.2.2 S, Y7 k' {1 Z7 G1 Q
- 11 permit ip host 1.1.1.1 host 10.3.3.3
2 O, b( S7 Y+ U9 ^ - 16 permit ip host 1.1.1.1 host 10.4.4.4
1 M- C: p9 y. f4 @+ b - 21 permit ip host 1.1.1.1 host 10.5.5.5
( A3 p6 q2 v4 u. m+ s - 26 permit ip host 1.1.1.1 host 10.6.6.60 t8 F/ @2 M; x
- 31 permit ip host 1.1.1.1 host 10.7.7.7. X" v" p; S8 z
- 36 permit ip host 1.1.1.1 host 10.8.8.8
5 T$ S8 ]9 O3 C2 w6 \# B( Y6 L7 w1 m. X - 41 permit ip host 1.1.1.1 host 10.9.9.91 G0 m ]6 }& k3 ]
- 3 T( T2 j& h4 x" A
- $ C7 E [3 }3 |
- 第3行与第4行之间可以插入 12/13/14/15 4条acl 语句
5 k' U6 d. i+ F6 `8 x
/ K" f! ~ m' z1 P8 U6 f验证答案C N' _! X" w" n# o% B
- R1(config-ext-nacl)#ip access-list resequence super_user 1 6
0 q. D2 {0 L, f7 t
5 U) X+ l# e* \9 c+ l, U. l- 验证结果如下:
2 s/ G1 p6 g" r* v; F7 | - 0 O5 y' L0 x% m( g& S1 g5 s, i
- R1(config)#do sh access-lists
- t J0 ^5 ~* X' Q& A! K- O9 ~ - Extended IP access list super_user
; ?3 _8 F! p% e - 1 permit ip host 1.1.1.1 host 10.1.1.1
( J) U9 {7 B+ z - 7 permit ip host 1.1.1.1 host 10.2.2.2+ X! V, u# A' N
- 13 permit ip host 1.1.1.1 host 10.3.3.33 L: S5 h3 |7 P l
- 19 permit ip host 1.1.1.1 host 10.4.4.4
! z/ V) d- X% C - 25 permit ip host 1.1.1.1 host 10.5.5.5
% o! ~3 m* G6 F0 h' u# V- u - 31 permit ip host 1.1.1.1 host 10.6.6.6
# c- f2 U+ x( a - 37 permit ip host 1.1.1.1 host 10.7.7.7
+ W3 G4 }7 b$ n/ ?9 a9 j5 X - 43 permit ip host 1.1.1.1 host 10.8.8.8
/ G7 {! o7 ^7 C; s1 V - 49 permit ip host 1.1.1.1 host 10.9.9.9! e7 [0 k0 h7 P1 c! l. p4 V% c
3 U. y- Q' F2 p. K3 P- 第3行与第4行之间可以插入 14/15/16/17/18 5条acl 语句,验证结果与A相同
# V% o# I1 [6 |* J4 P8 G* v* [
% N' ]! ?5 o, o' @4 B# U+ m, {验证答案D
. L6 K0 }% ?+ r5 U" E- H1 G% \1 F; x
$ ^9 G9 t0 H0 C7 Q- R1(config-ext-nacl)#ip access-list resequence super_user 1 5) K) a" I4 m+ c; K/ z! g
- ' V$ c4 B9 f& H- g
- 验证结果如下:
3 y" L5 H Y d, b# Q; L
: K" O# @! Y% z: T0 t5 c0 l: y) v* l- R1(config)#do sh access-lists
* [+ B- t$ C/ t9 h% G - Extended IP access list super_user; I. V3 x( L8 Q5 s% z+ v
- 1 permit ip host 1.1.1.1 host 10.1.1.1
/ D9 M& A$ N$ `+ N1 ^+ c - 6 permit ip host 1.1.1.1 host 10.2.2.2& s' P2 m2 K) y* B2 y) x2 s q
- 11 permit ip host 1.1.1.1 host 10.3.3.3
D! i' d9 c }5 ^5 a - 16 permit ip host 1.1.1.1 host 10.4.4.4- V9 w" r @7 h
- 21 permit ip host 1.1.1.1 host 10.5.5.5
, D6 a8 l; N* R0 ^! |0 z$ L$ p - 26 permit ip host 1.1.1.1 host 10.6.6.6
$ X) n7 E2 w. C: ]/ Y - 31 permit ip host 1.1.1.1 host 10.7.7.7+ Z- W0 ]- _8 x' M
- 36 permit ip host 1.1.1.1 host 10.8.8.8
5 a! F( f6 h8 x! t5 _% O& a - 41 permit ip host 1.1.1.1 host 10.9.9.9) T$ L: w% m9 y8 r- |
8 g+ ^' a' v8 w/ R p$ l- 第3行与第4行之间可以插入 12/13/14/15 4条acl 语句,验证结果与B相同
( i2 V) B v4 o6 o3 W+ ^% R/ W# U
# a6 A* P- y' K9 N$ N/ U从验证结果上来看,AC相同,BD相同(AC/BD命令其实是一样的,区别仅在于所处模式不同)。
8 t; D4 E( |2 n( x/ ?# I8 T& I2 X% |5 _5 y$ M- |/ f, r
T( {5 [5 f) e8 U* ^那么答案A和C有什么不同呢?我们继续验证- N/ o' A; l0 n5 k& i
验证答案A,使用?进行提示,如果如下:
4 Z5 b4 K; N4 t; z+ a# Z; Q: K1 F; r* B, O5 {! p3 G
- R1(config)#ip access-list ?* e# M: X" X& O* ^: V2 x0 |9 m
- extended Extended Access List
7 O' g% B4 C% y* q - log-update Control access list log updates4 D% ?, W; D3 n! d& D* O. \( R- {- ^
- logging Control access list logging* a- c ?# _/ ~5 `1 J* \9 ~# x
- resequence Resequence Access List: B1 A* l2 W ?
- standard Standard Access List
7 I$ ^+ S/ w ]; i8 |# G' { - ; z/ U: K4 X% W8 b0 ]) l h
- R1(config)#ip access-list res?
4 U' e$ m$ H! O4 b. |7 t% F1 Q7 I/ s - resequence
& y2 }: a- O5 {6 I; m$ H* q8 F( o
4 G( S7 G1 M# u3 w7 R+ L/ K( k- R1(config)#ip access-list res
, Y$ y: c+ v/ d1 u; E- `! Y# J8 [. I r - R1(config)#ip access-list resequence ?
6 O8 \7 }3 C6 T* i+ I% u - <1-99> Standard IP access-list number
: ` G8 F# J+ D6 B - <100-199> Extended IP access-list number
1 L4 R" g2 P1 E1 k* B" } - <1300-1999> Standard IP access-list number (expanded range), Z1 {( ]$ M# S) [
- <2000-2699> Extended IP access list number (expanded range)- a8 K' Z: D, a: @/ t; v' A
- WORD Access-list name
9 h( q7 |6 f# U; e' v4 e - 2 y# t* G4 }& v( c
- R1(config)#ip access-list resequence super_user ?% q7 \; Y p. ]8 |! |" [
- <1-2147483647> Starting Sequence Number9 `0 V4 @4 r% a$ X& F6 T
4 n6 s: b8 |' L& R6 h, O+ c- R1(config)#ip access-list resequence super_user 1 ?
& ~* b# ~! b8 ]6 ` b - <1-2147483647> Step to increment the sequence number0 G, S8 C( Q' v0 {, o# j
: x$ T' h9 @0 r' m5 F- R1(config)#ip access-list resequence super_user 1 6
; J$ y# P" _9 [, t- N4 w8 j6 W6 x1 `" W; R7 V3 |& }9 i+ I
验证答案C,使用?进行提示,如果如下:( i% \: {5 S8 o' q# p! }
3 x* e- d8 Z" i" J- R1(config)#ip access-list extended super_user! D' Z* G P+ v/ j, \$ b
- R1(config-ext-nacl)#ip ?
3 P% z8 L8 J% U. T; g - % Unrecognized command
: d. ]& Z% @! B4 ~ - R1(config-ext-nacl)#ip
 ,虽然我直接将完整命令打上去,并没有提示有错误,命令也能执行,但是从上面的提示来看,考试要考的答案 应该不会是这个,至于为什么能执行这个命令,也许是我使用的模拟器的IOS版本较新吧。
# O# w# t5 k/ ^* S+ x. O3 ^( ?
) Z% W, l' V$ z% y, H0 f* V. r. U5 A) x4 u5 M9 X
经过上面的分析,我认为本题的答案是 A( M" T) i6 T- j4 ~! X5 k2 k
$ e, k- a5 P$ Z; q# k' f& ^( Y& M
6 x/ }" G4 e' q2 t* s. w9 N如果分析有误,欢迎各路大神批评指正。
* [$ {, A7 M+ @+ S
9 A& s8 M( N% o/ S1 F$ j |
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
[复制链接]
