background image
Answers to the Chapter 7 Q&A Section 763
21
Name all the items that an extended IP access list can examine to make a match.
·
Protocol type
·
Source port
·
Source IP address
·
Subset of entire source address (using mask)
·
Destination port
·
Destination IP address
·
Subset of entire destination address (using mask)
22
True or false: When using extended IP access lists for restricting VTY access, the matching
logic is a best match of the list, rather than a first match in the list.
False. Access list logic is always first match for any application of the list.
23
In a standard numbered IP access list with three statements, a no version of the first
statement is issued in configuration mode. Immediately following, another access list
configuration command is added for the same access list. How many statements are in the
list now, and in what position is the newly added statement?
Only one statement will remain in the list: the newly added statement. The no access-list
x command deletes the entire access list, even if all the parameters in an individual
command are typed in when issuing the no version of the command.
24
In a standard named IP access list with three statements, a no version of the first statement
is issued in configuration mode. Immediately following, another access list configuration
command is added for the same access list. How many statements are in the list now, and
in what position is the newly added statement?
Three statements will remain in the list, with the newly added statement at the end of the
list. The no deny | permit. . . command deletes only that single named access list
subcommand in named lists. However, when the command is added again, it cannot be
placed anywhere except at the end of the list.
25
In an extended named IPX access list with five statements, a no version of the second
statement is issued in configuration mode. Immediately following, another access list
configuration command is added for the same access list. How many statements are in the
list now, and in what position is the newly added statement?
Five statements will remain in the list, with the newly added statement at the end of the
list. The no deny | permit. . . command deletes only that single named access list
subcommand in named lists. However, when the command is added again, it cannot be
placed anywhere except at the end of the list.
apA.fm Page 763 Monday, March 20, 2000 5:24 PM