Interested to Buy Any Domain ? << Click Here >> for more details...
what is the basic rules for ACLs?
- 4 Answers
- 11571 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / jitendera
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest
to the
destination.
Extended IP access lists should be applied closest
to the
source
only these two fundamental are the rules of the access-list
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / jitendra
shaen u r right but it is not like that what are u telling
in the 4 point all are included in these three part.
1 One access list per protocol per direction.
2 Standard IP access lists should be applied closest
to the
destination.
3 Extended IP access lists should be applied closest
to the source
| Is This Answer Correct ? | 4 Yes | 0 No |
Basic rules for ACLs are -
1. All deny statement have to be given first.
2. There should be at least one permit statement.
3. An implicit deny block all the traffic by default, when
there is no match.
4. We can configure one access-list per interface per
direction i.e. two ACL per interface. One in inbound
direction & one in outbound direction.
5. ACL works in sequential order.
6. Editing of access-list is not possible i.e. selecting,
adding or removing access-list statement is not possible.
| Is This Answer Correct ? | 3 Yes | 0 No |
Answer / vikram pratap singh
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.
The show ip interface command displays IP interface
information and indicates whether any ACLs are set.
The show access-lists command displays the contents of all
ACLs on the router.
show access-list 1 shows just access-list 1.
The show running-config command will also reveal the access
lists on a router and the interface assignment information.
| Is This Answer Correct ? | 2 Yes | 0 No |
What information is provided by the local management interface (LMI)? A.) LMI encapsulation type B.) The current DLCI values C.) The status of virtual circuits D.) The global or local significance of the DLCI values
What command will not display the status of to1? A.) show int to1 B.) show to1 C.) show interface to1 D.) show interface
Explain how many broadcast domains are in switch?
Difference between routed and routing protocols not difference between protocol between those.
What does the command "IP name-server 255.255.255.255" accomplish? A. It sets the domain name lookup to be a local broadcast. B. This is an illegal command. C. It disables domain name lookup. D. The command is now defunct and has been replaced by "IP server-name ip any"
Identify the default values that make up IGRP's composite metric? A.) Bandwidth B.) Load C.) Reliability D.) MTU E.) Delay
Write an access list line which will deny node 20.0.2.1 to anywhere on your network using DNS via UDP. Don't worry about the other access list lines.
What is a characteristic of Store and Forward switches? A.) They work at wire speed. B.) They are the same as Cut-Through switching in 'prune' mode. C.) They forward based on transport layer info. D.) They forward the frame before it is completely read. E.) They increase latency.
what is vtp there is three question regatding vpn but i know it is not conserned with that
When determining whether or not to route a LAN segment, which rule of thumb do you use? A.) 60/40 B.) 50/50 C.) 80/20 D.) 90/10 E.) 70/30
What is required to support full-duplex Ethernet? A.) Multiple paths between multiple stations on a link B.) Automatic sensing operation by all connected stations C.) Loopback and collision detection disabled D.) Full-duplex NIC cards
Which two statements about integrated services digital network (ISDN) are true? A. ISDN provides data only capability B. ISDN provides an integrated voice/data capability C. The ISDN standards define the hardware and call setup schemes for end the end digital connectivity D. Users receive more bandwidth on WANS with a leased lin of 56 Cops than with multiple B channels
CCNA 
