CIS 225 Unit 4(ACL Concepts) Quiz

Ace your homework & exams now with Quizwiz!

172.16.0.255 172.16.15.36

A network administrator configures an ACL with the command R1(config)# access-list 1 permit 172.16.0.0 0.0.15.255. Which two IP addresses will match this ACL statement? (Choose two.) 172.16.31.24 172.16.65.21 172.16.16.12 172.16.0.255 172.16.15.36

traffic that is leaving the router and going toward the destination host

In applying an ACL to a router interface, which traffic is designated as outbound? traffic for which the router can find no routing table entry traffic that is coming from the source IP address into the router traffic that is leaving the router and going toward the destination host traffic that is going from the destination IP address into the router

remark

When creating an ACL, which keyword should be used to document and interpret the purpose of the ACL statement on a Cisco device?​ description eq established remark

a location as close to the source of traffic as possible

Which location is recommended for extended numbered or extended named ACLs? a location as close to the destination of traffic as possible a location as close to the source of traffic as possible a location centered between traffic destinations and sources to filter as much traffic as possible if using the established keyword, a location close to the destination to ensure that return traffic is allowed

An implicit deny any rejects any packet that does not match any ACE. A packet can either be rejected or forwarded as directed by the ACE that is matched. Each statement is checked only until a match is detected or until the end of the ACE list.

Which three statements describe ACL processing of packets? (Choose three.) Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made. An implicit deny any rejects any packet that does not match any ACE. A packet that has been denied by one ACE can be permitted by a subsequent ACE. A packet can either be rejected or forwarded as directed by the ACE that is matched. Each statement is checked only until a match is detected or until the end of the ACE list. A packet that does not match the conditions of any ACE will be forwarded by default.

No routing table entry exists for the packet destination, but the packet matches a permitted address in an outbound ACL. The packet source address does not match the source as permitted in a standard inbound ACE.

Which two conditions would cause a router to drop a packet? (Choose two.) The ACL that is affecting the packet does not contain at least one deny ACE. No routing table entry exists for the packet destination, but the packet matches a permitted address in an outbound ACL. The packet source address does not match the source as permitted in a standard inbound ACE. No inbound ACL exists on the interface where the packet enters the router. No outbound ACL exists on the interface where the packet exits the router.

The ACL does not perform as designed.

A network administrator is configuring an ACL to restrict access to certain servers in the data center. The intent is to apply the ACL to the interface connected to the data center LAN. What happens if the ACL is incorrectly applied to an interface in the inbound direction instead of the outbound direction? The ACL will analyze traffic after it is routed to the outbound interface. All traffic is denied. All traffic is permitted. The ACL does not perform as designed.

access-list 10 permit 192.168.16.0 0.0.3.255

What single access list statement matches all of the following networks?192.168.16.0192.168.17.0192.168.18.0192.168.19.0 access-list 10 permit 192.168.16.0 0.0.0.255 access-list 10 permit 192.168.16.0 0.0.3.255 access-list 10 permit 192.168.0.0 0.0.15.255 access-list 10 permit 192.168.16.0 0.0.15.255

10.120.160.0 to 10.120.167.255

Which range represents all the IP addresses that are affected when network 10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE? 10.120.160.0 to 10.120.168.0 10.120.160.0 to 10.120.191.255 10.120.160.0 to 10.120.167.255 10.120.160.0 to 10.127.255.255

Apply an ACL that has all deny ACE statements.

Which scenario would cause an ACL misconfiguration and deny all traffic? Apply a named ACL to a VTY line. Apply a standard ACL using the ip access-group outcommand. Apply an ACL that has all deny ACE statements. Apply a standard ACL in the inbound direction.

The most specific ACL statements should be entered first because of the top-down sequential nature of ACLs. If an ACL contains no permit statements, all traffic is denied by default.

Which two statements describe appropriate general guidelines for configuring and applying ACLs? (Choose two.) Standard ACLs are placed closest to the source, whereas extended ACLs are placed closest to the destination. Multiple ACLs per protocol and per direction can be applied to an interface. The most specific ACL statements should be entered first because of the top-down sequential nature of ACLs. If an ACL contains no permit statements, all traffic is denied by default. If a single ACL is to be applied to multiple interfaces, it must be configured with a unique number for each interface.


Related study sets

Chapter 18: Nursing Management of the Newborn

View Set

Live Virtual Machine Lab 6.1: Module 06 Wireless Configuration Techniques and Standards

View Set

NUR 351 Quiz #2 (Chapters 14, 25, 36)

View Set

Cell Biology: Describe how the lipid bilayer is produced and assembled and identify and discuss the factors that impact fluidity of the lipid bilayer

View Set

International Business Ch. 1 - Globalization

View Set

Chapter 20: Acute Spinal Cord Injury

View Set