You are on page 1of 2

1.

What is a sequential list of permit or deny An ACL


statements that apply to addresses or upper-
layer protocols?
2. What are the two things a router can do with a Accept
packet? Deny
3. How must ACLs be defined? on a per-protocol, per
direction, or per port basis
4. What happens to packets if an ACL is not all packets passing through
configured on the router? the router will be allowed onto
all parts of the network.
5. Where are packets either accepted or At the interface
rejected?
6. How does the router read an ACL? From top to bottom

7. What happens to the ACL statements once a the accept or reject action is
match is found in the list? performed and no other ACL
statements are checked
8. What happens if additional condition the entire ACL must be
statements are needed in an access list? deleted and recreated with the
new condition statements
9. What is placed at the end of EVERY ACL? Implicit deny statement
10. What mode are you in to create an ACL? Global config
11. What are the two steps in creating an ACL? 1. Create ACL
2. Apply it to interface
12. What are the two directions ACLs can be In
placed? Out
13. Where should a standard ACL be placed? closest to the destination
14. Where should an extended ACL be placed? Closest to the source
15. What happens if no match is found? The packet is denied
16. What does a "1" mean in wildcard masking? Ignore
17. What does a "0" mean in wildcard masking? Check
18. What IP address and subnet mask will the 0.0.0.0 255.255.255.255
word any substitute for?
19. What command shows ALL the ACLs on a show access-lists
router?
e-Lab Activity: Verifying ACLs
20. What address do standard ACLs check? Source IP
21. What is the default wildcard mask? 0.0.0.0
22. What 4 things can and Extended ACL check? source address
destination packet addresses
protocols
port numbers
23. What type of echo packet is sent to the sender destination was unreachable
if the packet is discarded?
24. Can you use the wildcard host or any Yes
keywords in the command?

25. What does the ip access-group command an existing extended ACL to


link? an interface

1
26. What Cisco IOS allowed for named ACLs? 11.2
27. What mode must you be in to configure a Config
named ACL?
28. Where do you place an Extended ACL? As close to the source as
possible
29. Where do you place a Standard ACL? As close to the destination as
possible
Interactive Media: Point & Click: ACL placement
30. Who does a firewall try to keep out of the intruders come from the global
intranet? Internet
31. Where are most firewall routers placed? between the internal network
and an external network, such
as the Internet
32. What are routers that are situated on the Border routers
boundaries of the network?
33. What two types of ACLs are used on packets Standard
traveling through the router? extended
34. What are the numbers of the virtual ports on a 0 1 2 3 4
router?
35. Why should identical restrictions be placed on it is not possible to control
all vty lines? which line a user will connect
on.