QUIZ 2

Question 1

is a series of IOS commands that are used to filter packets based on information
found in the packet header

Answer 1

ACL/ ACCESS LIST CONTROL

Question 2

A sequential list of permit or deny statements

Answer 2

ACES/ ACCESS CONTROL ENTRIES

Question 3

controls access to a
network by analyzing the incoming and/or
outgoing packets and forwarding them or
discarding them based on given criteria

Answer 3

packet filtering

Question 4

Types of ACL

Answer 4

STANDARD ACL
EXTENDED ACL

Question 5

filter at Layer 3
using the source IPv4 address only

Answer 5

standard acl

Question 6

filter at Layer 3 using
the source and / or destination IPv4 address.
They can also filter at Layer 4 using TCP, UDP
ports, and optional protocol type information for
finer contro

Answer 6

extended acl

Question 7

filters packets before they are routed to the outbound interface. An
inbound ACL is efficient because it saves the overhead of routing lookups if the packet
is discarded

Answer 7

inbound acl

Question 8

filters packets after being routed, regardless of the inbound
interface.

Answer 8

outbound acl

Question 9

2 ACL Operation

Answer 9

inbound AcL
outbound ACL

Question 10

is similar to a subnet mask in that it uses the ANDing process to identify
which bits in an IPv4 address to match.

Answer 10

wildcard mask

Question 11

This keyword substitutes for the 0.0.0.0 mask. This mask states that all IPv4
address bits must match to filter just one host address

Answer 11

host

Question 12

This keyword substitutes for the 255.255.255.255 mask. This mask says to
ignore the entire IPv4 address or to accept any addresses

Answer 12

any

Question 13

Document ACL using ________ command

Answer 13

remark

Question 14

packet filtering occurs in what layer?

Answer 14

3 and 4

Question 15

a command used to create a nmed ACL

Answer 15

ip access-list

Question 16

match the corresponding bit value in the address

Answer 16

wildcard mask bit 0

Question 17

ignore the corresponding bit value in the addrrss

Answer 17

mask bit 1

Question 18

Networks are commonly implemented
using _________addresses, as defined
in RFC 1918.

Answer 18

private IPv4

Question 19

its primary use is to conserve IPv4 addresses

Answer 19

NAT

Question 20

NAT stands for ?

Answer 20

Network Address Translation

Question 21

NAT includes four types of addresses:

Answer 21

• Inside local address
• Inside global address
• Outside local address
• Outside global addre

Question 22

The address of the device which is being translated by NAT.

Answer 22

Inside address

Question 23

The address of the destination device

Answer 23

Outside address

Question 24

is any address that appears on the inside portion
of the network

Answer 24

Local address

Question 25

is any address that appears on the outside portion of the network.

Answer 25

Global address

Question 26

Types of Nat?

Answer 26

STATIC DYNAMIC PAT NAP

Question 27

uses a one-to-one mapping of local and global addresses configured by the network administrator that remain constant

Answer 27

STATIC NAT

Question 28

uses a pool of public addresses and assigns them on a first￾come, first-served basis.

Answer 28

DYNAMIC NAT

Question 29

also known as NAT overload, maps multiple private IPv4 addresses to a single public IPv4 address or a few addresses

Answer 29

PAT

Question 30

Only modifies the IPv4 addresses

Answer 30

NAT

Question 31

modifies both the IPv4 address and the port number.

Answer 31

PAT

Question 32

displays information about the total number of active translations, NAT configuration parameters, the number of addresses in the pool, and the number of addresses that have been allocated.

Answer 32

show ip nat statistics

Question 33

To verify that the NAT translation is working before testing

Answer 33

clear ip nat statistics

Question 34

displays all static translations that have been configured and any dynamic translations that have been created by traffic

Answer 34

show ip nat translations

Question 35

To configure PAT to use a single IPv4 address, add the keyword _________ to the ip nat inside source command

Answer 35

overload

Question 36

Identifies the source network or host address to filter

Answer 36

source

Question 37

command is used to bind a numbered or named standard IPv4 ACL to an interface

Answer 37

ip access-group

Question 38

Created using the access-list access-list-number global configuration command.

Answer 38

Numbered Extended ACL

Question 39

Created using the ip access-list extended access-list￾name.

Answer 39

Named Extended ACL

Question 40

Four proticols that are most popular option to filter on internet protocol

Answer 40

icmp-internet control message protocol ip- any internet protocol tcp-transmission control protocol udp- user datagram protocol

Question 41

TCP can also perform basic stateful firewall services using the TCP_______ keyword

Answer 41

established

Question 42

This will permit inside HTTP and HTTPS traffic to exit to the internet

Answer 42

surfing

Question 43

- This will only permit returning web traffic to the inside hosts while all other traffic exiting the R1 G0/0/0 interface is implicitly denied.

Answer 43

browsing