standard IP access list provides basic packet filtering
abilities, based on the source IP address of a packet only.
As a general rule, apply standard IP access lists close to
the destination network to which you wish to permit or deny
access.Standard IP access lists fall into the numerical
range 1-99
Unlike standard IP access lists (which only allow you to
filter packets based on their source IP address), extended
IP access lists allow a much more granular level of
control. Extended IP access lists allow filtering not only
on source addresses, but also on destination addresses,
protocols, and even applications, based on their port
number. For example, you might choose to permit or deny a
group of hosts from accessing a particular server, limit
access to a telnet server to only a single host, or
similar.Extended IP access lists are identified through
their use of the 100-199 numerical range.
In standard access-list the range area is 0-99 but in case
of extended access-list the range area is 100-199 and in
standard access-list we cannot create permission on
specific protocol like bloking the telnet or ftp......we
can do that in extended access-list.
In standard access-list we can filter the packet after
routing.and it will applied on destination router.its depend
only on source ip address.
but in case of extended access list we can filter the packet
before routing,and it will applied on source router,its
depend on source ip,destination ip,port and protocol.
Standard access list basically used to filter packets by IP
address & is basically close to the destination router.(1-99)
Extended access list is used to filter packets based on
address ,protocol & port no. dedicated for particular
services.(100-199)
Standared IP access list is based on IP address.Apply close
to the destination that can only filter packet based on
there source IP address.Numeric value from 1-99,1300-1399
Extended IP access list is based on Port address.Apply
close to source that can filter not only source address but
also destination address based on there port number.Numeric
value from 100-199.Allow more grangular level of controle.
When you enable standard access-list it will block entire
thing but extended access-list can block every port like
ftp,telnet etc.
Standard range is 1-99 and extended range is 100-199.
Difference between Standard ACL & Extended ACL -
a) In Standard ACL, filtering is based on source IP address.
where as in extended ACL, filtering is bases on Source IP
address, Destination IP address, Protocol Type, Source Port
Number & Destination Port Number.
b) Standard ACL are used to block particular host or sub
network. where as Extended ACL is used to block particular
services.
c)Standard ACL is implemented as possible closer to
destination. where as Extended ACL is implemented as
possible closer to source.
d) Standard ACL is created from 1 - 99 & extended range 1300
- 1999. where as Extended ACL is created from 100 - 199 &
extended range 2000 - 2699.
e) In Standard ACL, two communication will be blocked, where
as in Extended ACL, one way communication will be blocked.
f) In Standard ACL, all services will be blocked. Where as
in Extended ACL, particular services wil be blocked.
Hope this much of difference will help u guys. Keep posting
new question plzzzz....!!!
Thanking you
Shahin
In distance-vector routing, there is a problem known as the
'count
to infinity' problem. What is the most direct solution to this?
A.) Defining a Maximum.
B.) You can not solve the 'count to infinity' problem with a
distance
vector protocol.
C.) Poison Reverse.
D.) Triggered Updates.
E.) Split Horizon.
A router on one side of a PPP link uses the resonance RTR1
and the password COPP1-PWD. Which configuration line on
RTR1 enables a connection between RTR1 and another router
named RTR2?
A. username, RTR2 password COPR1-PWD,
B. username, RTR1 password COPR1-PWD,
C. username, RTR2 password COPR2-PWD,
D. username, RTR1 password COPR2-PWD,
What are four ways that Fast Ethernet compares to 10BaseT
Ethernet? (Choose four)
A. Fast Ethernet uses the same Maximum Transmission Unit (MTU)
B. Fast Ethernet is based on an extension to the IEEE 802.3
specification
C. Fast Ethernet uses the same Media Access Control (MAC)
mechanisms
D. Fast Ethernet preserves the frame format that is used by
10BaseT Ethernet
E. Fast Ethernet errors a speed increase one hundred times
that of the 10BaseT Ethernet
Which OSI layer supports the communication component of an
application?
A.) Data-Link
B.) Physical
C.) Session
D.) Presentation
E.) Application
F.) Transport
You have just issued the erase startup-config Command and
reloaded your router. In which mode will your router be
when you react?
A. setup
B. startup
C. user EXEC
D. userd privileged
E. global configuration
Which statement should you use to deny FTP access (only)
from network 210 93 105 0 to network 223 8 151 0?
A. access list 1 deny 210 93 105 0 0 0 0 0 any eq ftp access
list 1 permit any
B. access list 100 deny tcp 210 93 105 0 0 0 0 255 223 8 151
0 0 0 0 255 eq ftp
C. access list 100 deny ip 223 8 151 0 0 0 0 255 any eq ftp
access list 100 permit hp any any
D. access list 100 deny tcp 210 93 105 0 0 0 0 255 223 8 151
0 0 0 0 255 eq ftp access list 100 permit ip any any
What type of frame does CDP use to gather information about it's
neighbors?
A.) TCP/IP
B.) Novell-ether
C.) Subnetwork Access Protocol (SNAP)
D.) Ethernet_II
A network is vow congested currently all the devices are
connected through a hub. Which would best decrease
congestion on this network?
A. add a second hub
B. replace the hub with a router
C. replace the hub with a switch
D. replace the hub with a repeater
Which three commands are used to configure information into
RAM on a router? (Choose three)
A. configure memory
B. configure terminal
C. configure overwrite
D. copy tftp startup-config
E. copy running-config startup-config
F. copy startup-config running-config
To Refer this Site to Your Friends 
Site Map
