Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ccie security > IOS Security > Flashcards

IOS Security Flashcards

1
Q

When can object-groups be used in IOS ACLs?

A

Only on IPv4 extended ACLs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How do you view L2 MAC address as well as L3/L4 information on traffic matching an ACE?

A

Add the log-input keyword to the ACE.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How do you tag an ACL log entry to be searchable in a syslog receiver?

A

Added a user defined cookie at the end of the ACE log keyword.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do you tag an ACL with a hash value that can be unique within a syslog receiver?

A

Use the global command “ip access-list logging hash-generation”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False: By default on the initial packet in a session is used to generate a log message?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How do you enable a router to match locally generated traffic on an ACL?

A

By using the command “ip access-list match-local-traffic”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Ture or False: Inbound ACLs will filter both data plane and control plane traffic?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

ccie security (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions