+
Related Flashcards
Cards In This Set
| Front | Back |
|
Standard IP ACL range?
|
1-99 &1300-1999
|
|
Extended IP ACL range?
|
100-199 & 2000-2699
|
|
Command to configure Standard IP ACL to prevent all machines on network 172.16.0.0 from accessing your Ethernet network?
|
Access-list 10 deny 172.16.0.0 0.0.255.255
access-list 10 permit any
|
|
Command to apply ACL from question 3 to e1?
|
Int e1
ip access-group 10 in/out
|
|
Command to create ACL to permit host 192.168.15.5 telnet access?
|
Access-list 10 permit (host) 192.168.15.5
line vty 0 4
access-class 10 in
|
|
Another command equals to 'access-list 10 permit any'?
|
Access-list 10 permit 0.0.0.0 255.255.255.255
|
|
Command to verify if ACL applied to int?
|
Show ip interface
|
|
Two commands to see all configured ACLs on router?
|
Show access-list
show running-config
|
|
Command to create extended ACL to deny Bob 172.16.10.1 from telnetting to Marketing host 172.16.30.5, with comment explaining it?
|
Access-list 110 remark Deny Bob
access-list 110 deny tcp host 172.16.10.1 host 172.16.30.5 eq 23
access-list 110 permit ip any any
|
|
Commands to create a named access list 'blockPing' that blocks ping from networks 172.160.0.0/22 to host 192.168.0.101?
|
(config)# ip access-list extended blockPing
(config-ext-nacl)# deny icmp 172.16.0.0 0.0.3.255 host 192.168.0.101 echo
(config-ext-nacl)# permit ip any any
(config-ext-nacl)# exit
|
|
Command to apply Named ACL from question 11 to ethernet int?
|
Ip access-group blockPing in
|
|
Where should Standard ACL be placed, closest to Source or Destination?
|
Destination
|
|
Where should Extended ACL be placed, closest to Source or Destination?
|
Source
|
|
Blocksize-1 = ?
|
Wildcard
|
|
Commands to create a Switch Port ACL which prevents access to MAC address aaaa.bbbb.cccc?
|
Mac access-list extended myACL
deny any host aaaa.bbbb.cccc
permit any any
exit
|
