A. Set of protocols to define traffic in a router
B. Set of rules used for packet filtering
C. Set of guidelines that every router should follow
D. Set of features that every router contains
Explanation: An access control list is a set of confinements (rules) that can be configured in a router. These rules are defined to permit specific packets and to refuse particular packets at an interface. An ACL acts as a firewall at the router, performing packet filtering.
A. Number and name
B. Number and special characters
C. Names and binary numbers
D. Special character and binary numbers
Explanation: We can assign names that suit our list so that we can remember them easily. Also, these named access lists are convenient to edit. Numbered access lists have a specific number range to use, and entries in these lists can’t be deleted.
A. Allowing a network
B. Denying a sub-network
C. Denying a service
D. Allowing a host
Explanation: A standard access list can’t deny or allow a particular service from the host. It can deal only with a host, network or sub-network. An extended access list can contain restrictions for the services that belong to different port numbers in a host.
A. Source ip address and destination ip address
B. Source ip address, protocol and port number
C. Source ip address
D. Source ip address, protocol, port number and destination ip address
Explanation: In a standard access list, only a destination IP address is used to filter, but in an extended access list, source and destination IP address, protocol and port number are used. More specifications in packet filtering make extended access lists more sophisticated and advanced in security.
A. True
B. False
Explanation: Each interface and protocol is allowed to have only one access list; also, multiple access lists for an interface cause ambiguity. But layer 2 devices can have multiple access lists for a single interface based on defined norms.
A. It will allow all the packets into the network
B. It will deny all the packets from entering the network
C. It will allow only few packets into the network
D. It does nothing
Explanation: If there is no access list with the name that is assigned to the interface, then it can be considered an empty access list. An empty access list clearly indicates that there are no restrictions on the packets. So, the interface will send all the packets into the network without restriction.
A. 1 to 99
B. 99 to 199
C. 1 to 99 or 1300 to 1999
D. 99 to 199 or 2000 to 3000
Explanation: Both ranges help to identify whether a specific access list is standard or extended. Standard access lists can also be represented by names, but unlike named lists, numbered access lists do not support modifications such as editing or deleting entries in them.
A. 1 to 99 or 1300 to 1999
B. 1 to 99 or 1300 to 2699
C. 100 to 199 or 1999 to 2699
D. 100 to 199 or 2000 to 2699
Explanation: The given ranges differ from those of the numbered standard access list, which has a range from 1 to 99 or 1300 to 1999. The given ranges are used to distinguish the standard list from the extended list.
A. It furnishes the security
B. It helps the network to perform well
C. It speeds up the packet transmission
D. It manages the traffic over the network
Explanation: An access list cannot speed up the packet transmission. An access list is nothing but a set of rules that need to be checked for a packet at the interface. So, the packet may take more time than usual to be transmitted when it is subjected to checking.
A. It is implemented on layer 3 devices
B. It supports outbound and inbound traffic
C. It can have 2 access lists on a layer 2 interface
D. It can be configured on ether-channel also
Explanation: A port access control list can be configured on layer 2 devices. As layer 2 deals with MAC and IP addresses, a port access list supports both a MAC access list and an IP access list. So, a single interface can have 2 access lists in layer 2. Ether-Channels cannot configure port access control lists.