Cisco-Training.net
1. By default, how is IP traffic filtered in a Cisco router?
blocked in and out of all interfaces
blocked on all inbound interfaces, but permitted on all outbound interfaces
• permitted in and out of all interfaces
blocked on all outbound interfaces, but permitted on all inbound interfaces
2. Which three parameters can ACLs use to filter traffic? (Choose three.)
packet size
• protocol suite
• source address
• destination address
source router interface
destination router interface
3. How do Cisco standard ACLs filter traffic?
by destination UDP port
by protocol type
• by source IP address
by source UDP port
by destination IP address
4. Which two statements are correct about extended ACLs? (Choose two)
Extended ACLs use a number range from 1-99.
Extended ACLs end with an implicit permit statement.
• Extended ACLs evaluate the source and destination addresses.
• Port numbers can be used to add greater definition to an ACL.
Multiple ACLs can be placed on the same interface as long as they are in the
same direction.
5. Where should a standard access control list be placed?
close to the source
• close to the destination
on an Ethernet port
on a serial port
6. Which three statements describe ACL processing of packets? (Choose three.)
• An implicit deny any rejects any packet that does not match any ACL
statement.
• A packet can either be rejected or forwarded as directed by the statement that
is matched.
A packet that has been denied by one statement can be permitted by a
subsequent statement.
A packet that does not match the conditions of any ACL statements will be
forwarded by default.
• Each statement is checked only until a match is detected or until the end of the
Cisco-Training.net
ACL statement list.
Each packet is compared to the conditions of every statement in the ACL before
a forwarding decision is made.
7. Which two statements are true regarding the significance of the access control
list wildcard mask 0.0.0.7? (Choose two.)
T