6 - Advanced Network Security Flashcards

1
Q

What are ACLs or access control lists used for?

A

identify and control packet flow across a network

2
Q

What is traffic identified by an ACL referred to?

A

interesting traffic

3
Q

How do standard ACLs identify traffic?

A

source ip address

4
Q

How do extended ACLs identify traffic?

A

source ip address
destination ip address
protocol
port number

5
Q

What happens to traffic that has not been identified in an ACL?

A

explicitly denied

6
Q

ACLs are made up of one or more rules called?

A

statements

7
Q

What is the implicit deny rule in an ACL?

A

packets that do not match any of the statements are dropped

8
Q

What is the order that an ACL is evaluated?

A

Top to bottom

9
Q

What is used in an ACL to match a host, subnet, or subnets?

A

wildcard mask

10
Q

What is the trick for calculating wildcard masks?

A

Subtracting the subnet mask from 255 for each octet

11
Q

What do the bits in a wildcard mask determine?

A

0’s indicate they should be compared

1’s indicate they should be disregarded

12
Q

Where should you apply a standard ACL?

A

the router interface closest to the destination

13
Q

Where should you apply an extended ACL?

A

the router interface closest to the source

14
Q

What is the number value range in a standard ACL?

A

1-99

1300-1999

15
Q

What is the number value range in an extended ACL?

A

100-199

2000-2699

16
Q

What keyword in an ACL is used to match a specific computer's ip address?

A

host

17
Q

What protocols are available in an ACL?

A
gre
icmp
igrp
ip
tcp
udp
18
Q

What operators are available in an ACL?

A
eq or equal
neq or not equal
LT or less than
gt or greater than
range
19
Q

What is the difference between the access-list command and the ip access-list command?

A
  1. ip access-list is used to create named access lists
  2. ip access-list command will put you in ACL configuration mode (config-std-nacl)
  3. ip access-list command allows you to use the sequence numbers
  4. access-list command keeps you in config mode
  5. access-list command has to have the commands in the correct sequence order
20
Q

What is the next step after you create an ACL?

A

apply it to an interface

21
Q

How do you apply an ACL to an interface?

A

ip access-group guest-block in

22
Q

How many ACLs can you have per interface?

A

one acl per interface, per protocol, per direction, i.e. two tcp acls, one inbound and one outbound, on a single interface

23
Q

Why are ACLs applied to inbound traffic?

A

test all incoming packets with the same set of parameters

24
Q

Why are ACLs applied to outbound traffic?

A

test incoming packets with more than one parameter

25
Q

What is a disadvantage of using outbound ACLs?

A

create unnecessary overhead for the router because it has to process the traffic even though it may be discarded

26
Q

What does the show access-lists or show ip access-lists commands do?

A

view the contents of all the ACLs configured on the router

27
Q

What command is used to verify that an ACL has been applied to the interface?

A

sh ip interface

28
Q

What is logging good for on an ACL?

A

verify that an acl is functioning as intended

29
Q

How do you use the log keyword in an ACL?

A

it has to be applied at the end of each statement that is intended to be logged

30
Q

What is the downside for logging in an ACL?

A

Increases cpu usage

CEF is disabled and instead fast switched

31
Q

What is a time-based acl?

A

uses a time profile to apply an acl

32
Q

What is a dynamic acl?

A

offers additional security by forcing a user to authenticate before gaining permission to send packets

33
Q

What is a reflexive acl?

A

generate temporary acl statements that permit inbound traffic sent in response to outbound traffic

34
Q

What is the command to apply an acl to a vty line?

A

access-class 10 in

35
Q

What are some additional uses for an acl?

A

qos
nat
vpn