500 Chapter 7: Understanding Access List Security
11
How many IP extended access-list commands are required to check a particular port
number on all IP packets?
12
True or false: If all IP or IPX access list statements in a particular list define the deny
action, then the default action is to permit all other packets.
13
In an IPX access list with five statements, a no version of the third statement is issued in
configuration mode. Immediately following, another access list configuration command
is added for the same access list. How many statements are in the list now, and in what
position is the newly added statement?
14
How many IP access lists of either type can be active on an interface at the same time?
For questions 16 through 18, assume that all parts of the network in Figure 7-12 are up and
working. IGRP is the IP routing protocol in use. Answer the questions following Example
7-16, which contains an additional configuration in the Mayberry router.
15
Describe the types of packets that this filter would discard, and tell at what point they
would be discarded.
16
Does the access list in Example 7-16 stop packets from getting to Web server Governor?
Why or why not?
17
Referring to Figure 7-12, create and enable access lists so that access to Web server
Governor is allowed from hosts at any site, but so that no other access to hosts in Raleigh
is allowed.
18
Name all the items that a standard IPX access list can examine to make a match.
19
Name all the items that an extended IPX access list can examine to make a match.
20
Name all the items that a standard IP access list can examine to make a match.
21
Name all the items that an extended IP access list can examine to make a match.
22
True or false: When using extended IP access lists for restricting vty access, the matching
logic is a best match of the list, rather than a first match in the list.
23
In a standard numbered IP access list with three statements, a no version of the first
statement is issued in configuration mode. Immediately following, another access list
configuration command is added for the same access list. How many statements are in the
list now, and in what position is the newly added statement?
24
In a standard named IP access list with three statements, a no version of the first statement
is issued in configuration mode. Immediately following, another access list configuration
command is added for the same access list. How many statements are in the list now, and
in what position is the newly added statement?
ch07.fm Page 500 Monday, March 20, 2000 5:14 PM