Access Control Lists Flashcards
1
Q
Access Control Lists
A
- Used to allow or deny traffic
- Also used for NAT, QoS, etc.
- Defined on the ingress or egress of an interface
- Incoming or outgoing
• ACLs can evaluate on certain criteria
• Source IP, Destination IP, TCP port numbers, UDP port numbers, ICMP
- Deny or permit
- What happens when an ACL matches the traffic?
• ACLs have evolved through the years
• More options and features available for traffic filtering
2
Q
Firewall rules
A
• Access control lists (ACLs)
• Allow or disallow traffic based on tuples
• Groupings of categories
• Source IP, Destination IP, port number, time of day, application, etc.
- A logical path
- Usually top-to-bottom
- Can be very general or very specific
- Specific rules are usually at the top
- Implicit deny
- Most firewalls include a deny at the bottom
- Even if you didn’t put one