Home > Access list Questions

Access list Questions

May 13th, 2017 Go to comments

Note: If you are not sure about Access list, please read our Access List Tutorial.

Question 1

Explanation

Below is the range of standard and extended access list:

Access list type Range
Standard 1-99, 1300-1999
Extended 100-199, 2000-2699

In most cases we only need to remember 1-99 is dedicated for standard access lists while 100 to 199 is dedicated for extended access lists.

Question 2

Explanation

The syntax of a named ACL is:

ip access-list {standard | extended} {name | number}

Therefore we can configure a standard acl with keyword “standard” and configure an extended acl with keyword “extended”. For example this is how to configure an named extended access-list:

Router(config)#ip access-list extended in_to_out permit tcp host 10.0.0.1 host 187.100.1.6 eq telnet

Question 3

Explanation

Below is the range of standard and extended access list

Access list type Range
Standard 1-99, 1300-1999
Extended 100-199, 2000-2699

Question 4

Explanation

We can use a dynamic access list to authenticate a remote user with a specific username and password. The authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server. The configuration of dynamic ACL can be read here: http://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.shtml

Question 5

Question 6

Explanation

You can check the named access-list with the “show ip access-list” (or “show access-list”) command:

R1#show ip access-list
Standard IP access list nat_traffic
    10 permit 10.1.0.0, wildcard bits 0.0.255.255
    15 permit 10.2.0.0, wildcard bits 0.0.255.255
    20 permit 10.3.0.0, wildcard bits 0.0.255.255

We can resequence a named access-list with the command: “ip access-list resequence access-list-name starting-sequence-number increment“. For example:

R1(config)#ip access-list nat_traffic 100 10

Then we can check this access-list again:

R1#show ip access-list
Standard IP access list nat_traffic
    100 permit 10.1.0.0, wildcard bits 0.0.255.255
    110 permit 10.2.0.0, wildcard bits 0.0.255.255
    120 permit 10.3.0.0, wildcard bits 0.0.255.255

We can see the starting sequence number is now 100 and the increment is 10. But notice that resequencing an access-list cannot change the order of entries inside it but it is the best choice in this question. Adding or removing a n entry does not change the order of entries. Maybe we should understand this question “how to renumber the entries in a named access-list”.

Question 7

Explanation

The range of standard ACL is 1-99, 1300-1999 so 50 and 1550 are two valid numbers.

Question 8

Question 9

Explanation

The range of standard ACL is 1-99, 1300-1999 so 50 is a valid number for standard ACL.

Question 10

Comments (11) Comments
  1. JLopesn
    February 8th, 2017

    Someone could add link for these questions ?

  2. mandy
    February 21st, 2017

    did you find it? link is mentioned in their FAQ section

  3. Anonymous
    April 11th, 2017

    hi everyone here

  4. MM
    April 24th, 2017

    Which Cisco platform can verify ACLs?
    A. Cisco Prime Infrastructure
    B. Cisco Wireless LAN Controller
    C. Cisco APIC-EM
    D. Cisco IOS-XE
    Correct Answer:B or C ??(correct ans)

  5. Anees
    April 25th, 2017

    @MM. C. Cisco APIC-EM

  6. KACS
    April 27th, 2017

    Which Cisco platform can verify ACLs?
    Answer: Cisco APIC-EM

  7. Becky
    June 21st, 2017

    For question 6, i think the correct answer should be C

    We can add change the order by adding entry at specified line.
    For example, I can specify 15 before a rule to add entry between 10 and 20

  8. Neo
    July 18th, 2017

    Where can I find the actual questions? Not sure how to efficiently use this popular website. Please advise.

  9. Latest Dumps
    August 31st, 2017

    clkmein .com/q4pyws
    Remove the space before .com. You’ll be redirected to latest dumps pdf. Enjoy.

  10. Hello
    September 9th, 2017
  11. Podranok
    September 14th, 2017

    Question 6

    Which action can change the order of entries in a named access-list?
    A. removing an entry
    B. opening the access-list in notepad
    C. adding an entry
    D. resequencing

    Answer: D

    I think this Q is wrong. Can some1 agree or deny my thoughts?

    Actually to CHANGE the order of entries we must ADD or REMOVE the entry. packetlife(dot)net/blog/2010/apr/30/resequencing-acl-entries/

    Resequencing just changes seq. numbers by some value in order to we could add new acl rule between the lines if existing seq. numbers are occupied! But it DOES NOT change THE ORDER of lines themself! itknowledgeexchange(dot)techtarget(dot)com/network-technologies/resequence-the-access-list/

    The answer should be A or C.

Add a Comment