• Post author:
  • Post category:Blog
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

Refer to the exhibit. The company CEO demands that one ACL be created to permit email traffic to the internet and deny FTP access. What is the best ACL type and placement to use in this situation?

CCNA3 v7 – ENSA – Modules 3 – 5 Network Security Exam Answers 16
CCNA3 v7 – ENSA – Modules 3 – 5 Network Security Exam Answers 16
  • extended ACL outbound on R2 WAN interface towards the internet
  • standard ACL inbound on R2 WAN interface connecting to the internet
  • extended ACL inbound on R2 S0/0/0
  • standard ACL outbound on R2 S0/0/0

    Answers Explanation & Hints:

    Standard ACLs permit or deny packets based only on the source IPv4 address. Because all traffic types are permitted or denied, standard ACLs should be located as close to the destination as possible.

    Extended ACLs permit or deny packets based on the source IPv4 address and destination IPv4 address, protocol type, source and destination TCP or UDP ports and more. Because the filtering of extended ACLs is so specific, extended ACLs should be located as close as possible to the source of the traffic to be filtered. Undesirable traffic is denied close to the source network without crossing the network infrastructure.

For more Questions and Answers:

CCNA 3 v7 – ENSA v7.02 – Modules 3 – 5: Network Security Exam Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments