12.1 Access Control Lists (ACL)

Question 1

Standard IP

Answer 1

Standard ACLs can be used to permit or deny traffic based only on the source IP address. Standard ACLs don’t care about where the package is being sent, just the packet origin. Standard ACLs should be placed as close to the destination as possible.

Question 2

Extended IP

Answer 2

An extended ACL can be used to permit or deny traffic based on source and destination IP address. Extended ACLs are also used to permit or deny traffic based on port numbers and different types of traffic such as TCP and UDP

Question 3

Router>enable

Answer 3

This command logs you into the enable mode, also known as the privileged mode.

Question 4

Router#configure terminal

Answer 4

This command logs you into configuration mode.

Question 5

Router(config)#

Answer 5

This is the prompt from which you can start creating access lists

Question 6

Router(config)#ip access-list standard 1

Answer 6

Creates or edits a standard access list using an ID number of 1.

Question 7

Router(config)#10 deny 192.168.0.0 0.255.255.255

Answer 7

Assigns the sequence number of 10 to the deny statement.

Question 8

access-list ACL log

Answer 8

Displays log messages that identify which line in an ACL is being matched.

Question 9

show run

show access-lists

Answer 9

Displays all access lists that exist on the router.

Question 10

show ip int

show run

Answer 10

Displays all access lists applied to an interface.

Question 11

show log

Answer 11

Displays rejected traffic information.

Question 12

show run

show ip access-lists

Answer 12

Displays IP access lists configured on the router.

Question 13

show access-lists [number]

Answer 13

Displays a specific access list.