• Post author:
  • Post category:Blog
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

Refer to the exhibit. Many employees are wasting company time accessing social media on their work computers. The company wants to stop this access. What is the best ACL type and placement to use in this situation?

CCNA3 v7 – ENSA – Modules 3 – 5 Network Security Exam Answers 16
CCNA3 v7 – ENSA – Modules 3 – 5 Network Security Exam Answers 16
  • extended ACLs inbound on R1 G0/0 and G0/1
  • standard ACL inbound on R1 G0/1
  • standard ACL inbound on R1 G0/0
  • standard ACL inbound on R2 WAN interface connecting to the internet
Explanation & Hint: 

To stop employees from accessing social media on their work computers, the best ACL type and placement would be:

Extended ACLs inbound on R1 G0/0 and G0/1.

The reasoning for this choice is:

  1. Extended ACLs allow for filtering based on the protocol type, source and destination IP addresses, and destination ports. This means you can specifically block access to the IP addresses and ports associated with social media sites.
  2. Placing these ACLs inbound on R1’s G0/0 and G0/1 interfaces will filter traffic from the PCs within the company network before it exits out to the internet, thus stopping the traffic as close to the source as possible, which is a recommended best practice.
  3. Using extended ACLs instead of standard ACLs allows the company to block only specific types of traffic (like HTTP and HTTPS typically used for social media) without blocking other internet traffic that might be necessary for work purposes.

 

For more Questions and Answers:

CCNA 3 v7 – ENSA v7.02 – Modules 3 – 5: Network Security Exam Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments