11 - Access Control List Flashcards
Where are Access Control Lists (ACL) used?
- Computer networks (firewalls, switches and routers)
- Computer file systems (servers and workstations)
- Web portals (Canvas, Amazon.com)
- Cloud configurations (Amazon Web Service VPC, Microsoft Azure VNET)
What is Access Control List (ACL)?
A rule-based feature that allows network administrators and engineers to configure basic traffic filtering. An ACL is a series of commands that, based on information in the packet header, determine whether to drop a packet or forward it.
What device contains ACLs?
Firewalls
What are stateless firewalls?
Firewalls that look only at the source and destination of each packet, with conditions that allow or block traffic.
What is a stateful firewall?
A firewall that understands the details of a connection and allows the matching return traffic. Most decent firewalls are stateful.
What are ACL advantages?
- Network performance
- Network security
What does ACL restrict?
- Routing protocol advertisement messages
- Packets from security protocols
- Packets from other protocols (e.g. ICMP)
What are standard ACLs?
Filters traffic according to source IP address when implementing restrictions. Cisco recommends placing this type of ACL as close to the destination device as possible.
What is an Extended ACL?
Filters packets according to the following parameters: source and destination IP address, protocol type, and source or destination port. Cisco recommends placing this ACL as close to the source as possible.
True or False:
When configuring an ACL, the traffic direction (inbound or outbound) must be specified on an interface.
True - so the router will implement the proper restriction when examining the source network and destination.
What does Inbound ACL do?
Configures the ACL for inbound traffic. The router will examine traffic coming into the interface.
What does Outbound ACL do?
Configures the ACL for outbound traffic. The router will examine traffic going out of the interface.
What are Wildcards?
Inverted subnet masks that can be used in statements for Extended and Standard ACLs.
True or False:
The order of statements in an ACL is not crucial.
False
What are Access Control Entries (ACEs)?
The individual statements in an ACL, evaluated in order. Their order must be planned carefully.
What is a Check Order?
The router checks each packet's parameters against the ACEs to find a matching condition. When a condition is met, that ACE is applied, and the remaining ACEs are ignored.
What is Implicit Deny?
An invisible statement at the end of every ACL. When no match is found for a packet, the implicit deny is applied to the packet.
True or False:
Each ACL must have at least 2 Permit statements.
False - it must have at least 1 Permit statement.
Where are Standard ACLs placed?
Close to the destination. Cisco set this rule because placing Standard ACLs at the source of traffic would prevent communication with any network hosting interfaces to which the ACL applies.
True or False:
ACLs can be assigned unique names or numbers.
True
What is a Standard Named ACL?
Allows unique names to be assigned to ACLs.
What is a Standard Numbered ACL?
Allows unique numbers to be assigned to ACLs. The range includes 1-99 and 1300-1999.
What is the Standard Numbered ACL format?
1.
Does a router verify every packet it forwards against an ACL in chronological order?
Yes - every inbound or outbound packet's parameters are checked against the information in each ACE in turn. For example, if you send a stateful packet out via HTTP, it is only checked against the outbound rules; the return packet is not checked. On the flip side, if you send out a stateless packet like SNMP, the return packet is a new packet and is checked against the inbound rules.