Interested to Buy Any Domain ? << Click Here >> for more details...
what is the basic rules for ACLs?
- 4 Answers
- 11553 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / jitendera
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest
to the
destination.
Extended IP access lists should be applied closest
to the
source
only these two fundamental are the rules of the access-list
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / jitendra
shaen u r right but it is not like that what are u telling
in the 4 point all are included in these three part.
1 One access list per protocol per direction.
2 Standard IP access lists should be applied closest
to the
destination.
3 Extended IP access lists should be applied closest
to the source
| Is This Answer Correct ? | 4 Yes | 0 No |
Basic rules for ACLs are -
1. All deny statement have to be given first.
2. There should be at least one permit statement.
3. An implicit deny block all the traffic by default, when
there is no match.
4. We can configure one access-list per interface per
direction i.e. two ACL per interface. One in inbound
direction & one in outbound direction.
5. ACL works in sequential order.
6. Editing of access-list is not possible i.e. selecting,
adding or removing access-list statement is not possible.
| Is This Answer Correct ? | 3 Yes | 0 No |
Answer / vikram pratap singh
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.
The show ip interface command displays IP interface
information and indicates whether any ACLs are set.
The show access-lists command displays the contents of all
ACLs on the router.
show access-list 1 shows just access-list 1.
The show running-config command will also reveal the access
lists on a router and the interface assignment information.
| Is This Answer Correct ? | 2 Yes | 0 No |
What is the maximum request timer?
while trouble shooting a network conectivty prob a technician observes that steady link light on the both work stations nic and the switch port which the workstation is conected.however when the ping comand is issuede from the work station the out message is request time out at which layer of osi model does the prob most likly exist 1 sessiom layer protocol layer datalink kayer acess layer network layer application layer i have ansered n/w layer but i am niot sure i have also posted privous question jitendera kumar sinha
Identify the 2 characteristics regarding MAC addresses? A.) Contains a network portion and host portion B.) Always assigned by System Administrator C.) 48 bits long D.) Contains a vendor code and serial number
Identify the 2 methods to modify the routers boot sequence? A.) Setup program B.) Boot system commands C.) RXBoot D.) Config-register
Which three functions are supported by connection oriented servkps? (Choose three) A. connection parameters are synchronized B. any loss or duplication of packets can be corrected C. the data packet is independently routed and the service does not guarantee the packet will be processed in order D. a data communication path is established between a requesting entity and the peer device on the remote end system
What is the difference between ‘bit rate’ and ‘baud rate’?
Which 3 statements describe default encapsulation and LMI type configuration? A.) There are only four encapsulations and 3 LMI type options B.) The LMI type config term options C.) In release 11.3 the LMI type is autosensed D.) The default LMI is Cisco E.) IETF encap must be configured unless the connecting routers are both cisco
Which of the following is an example of the Physical Layer? A.) TCP B.) ARP C.) IP D.) FDDI E.) LLC F.) Fast Ethernet
How does the cut-through switching technique work? A.) By using broadcast address as source addresses B.) The switch waits only for the header to be received before it checks the destination address and starts forwarding the packets C.) The LAN switch copies the entire frame into its onboard buffers and then looks up the destination address in its forwarding, or switching, table and determines the outgoing interface D.) By using a Class I repeater in a collision domain
What is the default LMI type? A.) Cisco B.) ANSI C.) IETF D.) Q933a
Why is UDP lease favored when compared to TCP?
Station A is transmitting data to station B faster that station B can handle it. When station B's buffer fills up, it send out a message to station A to stop sending data. After B empties out its buffer, station B sends a message to station A to start sending data again. This is most directly an example of (pick the best answer only): A.) Poison Reverse B.) Connectionless protocol C.) Windowing D.) Connection oriented protocol E.) Flow Control F.) Split Horizon
CCNA 
