Module G5: ACL (PE) Flashcards

1
Q

Egress traffic is also known as what?

A

outbound

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What command would you use if you were configuring an ACL for any source IP?

A

any

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

At what OSI layer(s) do(es) Standard ACL filtering occur?

A

3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which type of mask is used in ACE’s of Access Control Lists?

A

wildcard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What option will look for any inbound traffic that is trying to initiate a connection?

A

established

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a rule based list that filters inbound and outbound traffic?

A

access control list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Inbound traffic is also known as?

A

ingress

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the default wildcard mask for Access-list?

A

0.0.0.0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What looks like an inverted subnet mask?

A

wildcard mask

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the two Extended ACL ranges? (use format xxx-xxx, xxx-xxx)

A

100-199, 2000-2699

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is at the end of each Access List?

A

Implicit Deny

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Outbound traffic is also known as?

A

egress

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of these wildcard masks can be replaced by the single word host in a standard or extended ACL?

  1. 255.255.255
  2. 0.0.0
  3. 255.255.0
  4. 0.0.255
A

0.0.0.0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the two Standard ACL ranges? (use format xxx-xxx, xxx-xxx)

A

1-99, 1300-1999

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Ingress traffic is also known as what?

A

inbound

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

True or False ACLs be applied in two directions? (type in answer)

A

True

17
Q

What would the wildcard mask be of the subnet mask: 255.255.0.0

A

00000000.00000000.11111111.11111111

18
Q

Which type of ACL should be placed closest to the source of traffic?

A

extended

19
Q

Which type of traffic do you need to be more cautious of on a network?

A

ingress

20
Q

Which type of ACL should be placed closest to the destination of traffic?

A

standard

21
Q

The wildcard mask that is associated with 192.168.12.96/27 is ________________.
(Note: The wildcard mask can be found by subtracting the subnet mask from 255.255.255.255.)

A

0.0.0.31

22
Q

Which type of access list limits the description of traffic by source address?

A

standard

23
Q

You want to apply an access list of 198 to an interface to filter traffic into the interface. Which command will achieve this?

Router(config)#ip access-list 198 in fast 0/1
Router(config-if)#ip access-list 198 in
Router(config-if)#ip access-class 198 in
Router(config-if)#ip access-group 198 in

A
24
Q

Which statement will block traffic for a server of 192.168.1.5 for SSH?

Router(config)#access-list 90 deny ip host 192.168.1.5 eq 22
Router(config)#access-list 90 deny tcp any host 192.168.1.5 eq 22
Router(config)#access-list 199 deny tcp host 192.168.1.5 any eq 23
Router(config)#access-list 199 deny tcp any host 192.168.1.5 eq 22

A
25
Q

This rule can be found at the bottom of any ACL.

A

implicit deny

26
Q

What is a more robust way to block inbound traffic that is trying to initiate a connection?

A

reflexive acl

27
Q

What acts like a folder and holds a group of ACL’s?

A

Named ACL

28
Q

Where are Reflexive ACL’s typically placed on a router?

A

Outside

29
Q

A router does not have ACLs configured by default.

True/False

A

True

30
Q

A router compares information within a packet against each ACE, in sequential order, to determine if the packet matches one of the ACEs.

True/False

A

True