Config Router

  • Google Sheets
  • CCNA Online training
    • CCNA
  • CISCO Lab Guides
    • CCNA Security Lab Manual With Solutions
    • CCNP Route Lab Manual with Solutions
    • CCNP Switch Lab Manual with Solutions
  • Juniper
  • Linux
  • DevOps Tutorials
  • Python Array
You are here: Home / Cisco / CCNA DC FAQ: IPv4 Access Control Lists on Cisco Nexus Switches

CCNA DC FAQ: IPv4 Access Control Lists on Cisco Nexus Switches

June 11, 2021 by James Palmer

CCNA DC FAQ: IPv4 Access Control Lists on Cisco Nexus Switches
CCNA DC FAQ: IPv4 Access Control Lists on Cisco Nexus SwitchesFigure: Backdrop for Discussion of List Process with IP ACLs

Q1. Barney is a host with IP address 10.1.1.1 in subnet 10.1.1.0/24. Which of the following are things that a standard IP ACL could be configured to do? (Choose two answers.)
a. Match the exact source IP address.
b. Match IP addresses 10.1.1.1 through 10.1.1.4 with one access-list command without matching other IP addresses.
c. Match all IP addresses in Barney’s subnet with one access-list command without matching other IP addresses.
d. Match only the packet’s destination IP address.

Answer: A and C. An IP ACL can be configured to match the exact IP address by using the host keyword or using a /32 subnet mask for the source address. This can be done in one entry.

Q2. Which of the following wildcard masks is most useful for matching all IP packets in subnet 10.1.128.0, mask 255.255.255.0?
a. 0.0.0.0
b. 0.0.0.31
c. 0.0.0.240
d. 0.0.0.255
e. 0.0.15.0
f. 0.0.248.255

Answer: D. When creating an IOS ACL, you use the wildcard mask to match the ACL entry. The wildcard mask for 255.255.255.0 is 0.0.0.255.

Q3. Which of the following masks is most useful for matching all IP packets in subnet 10.1.128.0, mask 255.255.240.0?
a. 0.0.0.0
b. 0.0.0.31
c. 0.0.0.240
d. 0.0.0.255
e. 0.0.15.255
f. 0.0.248.255

Answer: E. When creating an IOS ACL, you use the wildcard mask to match the ACL entry. The wildcard mask for 255.255.240.0 is 0.0.15.255.

Q4. ACL 1 has three statements, in the following order, with address and mask values as follows: 1.0.0.0/8, 1.1.0.0/16, and 1.1.1.0/24. If a router tried to match a packet sourced from IP address 1.1.1.1 using this ACL, which ACL statement does a router consider the packet to have matched?
a. First
b. Second
c. Third
d. Implied deny at the end of the ACL

Answer: A. In an ACL the first match is used; in this case, 1.1.1.1 would match 1.0.0.0/8.

Q5. On a Cisco Nexus switch, what command will allow only host 10.1.1.1 to talk with host 192.168.1.3 for web traffic that is unencrypted for ACL web subcommands?
a. permit tcp host 10.1.1.1 host 192.168.1.3 eq 80
b. permit ip 10.1.1.0/24 host 192.168.1.3
c. permit tcp 10.1.1.0/24 192.168.1.0/24 eq 80
d. permit ip any any

Answer: A. To permit only host 10.1.1.1 to host 192.168.1.3 on port 80 or the web, you must use the host keyword or a /32 subnet address. Using the host keyword will only allow a host to talk to a host on a particular port, in this case, port 80.

Q6. Which AAA method allows a user after login to access to a certain configuration level on a Cisco network device?
a. Authentication
b. Access-List
c. Authorization
d. Accounting

Answer: C. Following authentication, a user must gain authorization for doing certain tasks. After logging into a system, for instance, the user may try to issue commands. The authorization process determines whether the user has the authority to issue such commands.

Related

Filed Under: Cisco Tagged With: CCNA, CCNA Data Center, CCNA Data Center FAQ, CCNA DC FAQ, CCNA DC FAQ: IPv4 Access Control Lists on Cisco Nexus Switches, IPv4 Access Control Lists on Cisco Nexus Switches

Recent Posts

  • How do I give user access to Jenkins?
  • What is docker volume command?
  • What is the date format in Unix?
  • What is the difference between ARG and ENV Docker?
  • What is rsync command Linux?
  • How to Add Music to Snapchat 2021 Android? | How to Search, Add, Share Songs on Snapchat Story?
  • How to Enable Snapchat Notifications for Android & iPhone? | Steps to Turn on Snapchat Bitmoji Notification
  • Easy Methods to Fix Snapchat Camera Not Working Black Screen Issue | Reasons & Troubleshooting Tips to Solve Snapchat Camera Problems
  • Detailed Procedure for How to Update Snapchat on iOS 14 for Free
  • What is Snapchat Spotlight Feature? How to Make a Spotlight on Snapchat?
  • Snapchat Hack Tutorial 2021: Can I hack a Snapchat Account without them knowing?

Copyright © 2022 · News Pro Theme on Genesis Framework · WordPress · Log in