CCNP系列認證CCNP(642-813)判斷題每日一練(2020.04.27)

來源:考試資料網(wǎng)
1.判斷題

Acme is a small shipping company that has an existing enterprise network comprised of 2 
switches;DSW1 and ASW2. The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to provide the shipping personnel access to the server. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner: 
- Users connecting to ASW1’s port must be authenticate before they are given access to the network. -Authentication is to be done via a Radius server:
- Radius server host: 172.120.39.46
-Radius key: rad123 
- Authentication should be implemented as close to the host device possible. 
- Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24. 
- Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20. 
- Packets from devices in any other address range should be dropped on VLAN 20. 
- Filtering should be implemented as close to the server farm as possible. 
The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.
 

4.判斷題

Network topology exhibit: 
 


You work as a network administrator at . You study the network topology exhibit carefully. is a small 
company that has an existing enterprise network consisting of two switches named 1 and 2. The network topology schemata indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to provide the shipping personnel access to the server. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner: 
Users connecting to 1’s port must be authenticate before they are given access to the network. Authentication is to be done via a Radius server: 
Radius server host: 172.120.39.46 
Radius key: key 
Authentication should be implemented as close to the host device possible. 
Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24. 
Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20. 
Packets from devices in any other address range should be dropped on VLAN 20. Filtering should be implemented as close to the server farm as possible. 
The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.