Access Lists Flashcards

1
Q

Access Lists
Goals:
Standard Access Lists tasks
Modus Operandi:

A
Goals:
Goals:
§ Control inbound and outbound traffic
§ At the IP level (Layer 3)
§ At the transport level (Layer 4)
Standard Access Lists tasks:
§ Limit network traffic
§ Provide traffic flow control
§ Filter traffic based on traffic type
§ Screen hosts to permit or block traffic
§ Provide a basic level of security
Modus Operandi:
§ Define legitimate & blocked traffic based on:
§ Source & destination IPs
§ Source & destination ports
§ Transport protocols
2
Q

Standard Access Lists Command

A

Syntax: Router(config)# access-list access-list-number { deny | permit | remark } source [ source-wildcard ] [ log ]

access-list-number: 1 to 99, 1300 to 1999

source-wildcard: wildcard mask; log: send a log message to the console when a packet matches the entry

remark: add a remark (comment) to make the list easier to understand and scan

The keyword any can be used as the source (permit any)

3
Q

Named Standard Access Lists

A

Instead of using numbers, ACLs can also be named to improve readability

(config)# ip access-list { standard | extended } name

(config-std-nacl)# { permit | deny | remark } { source [ source-wildcard ] } [ log ]

(config-if)# ip access-group name { in | out }

4
Q

Extended Access Lists

IP-based ACL

A

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]

5
Q

Extended Access Lists

Internet Control Message Protocol (ICMP)-based ACL

A

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} icmp source source-wildcard destination destination-wildcard [[icmp-type [icmp-code]] | [icmp-message]] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]

6
Q

Extended Access Lists

Transmission Control Protocol (TCP)-based ACL

A

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} tcp source source-wildcard [operator [port]] destination destination-wildcard [operator [port]] [established] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]

7
Q

User Datagram Protocol (UDP)-based ACL

A

access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} udp source source-wildcard [operator [port]] destination destination-wildcard [operator [port]] [precedence precedence] [tos tos] [log | log-input] [time-range time-range-name] [fragments]
