Which of the following statements about access lists are true? (Choose three.)

Posted by: Pdfprep Category: 210-260 Tags: , ,

Which of the following statements about access lists are true? (Choose three.)
A . Extended access lists should be placed as near as possible to the destination
B . Extended access lists should be placed as near as possible to the source
C . Standard access lists should be placed as near as possible to the destination
D . Standard access lists should be placed as near as possible to the source
E . Standard access lists filter on the source address
F . Standard access lists filter on the destination address

Answer: B,C,E

Explanation:

Source: http://www.ciscopress.com/articles/article.asp?p=1697887

Standard ACL

1) Able Restrict, deny & filter packets by Host Ip or subnet only.

2) Best Practice is put Std. ACL restriction near from Source Host/Subnet (Interface-In-bound).

3) No Protocol based restriction. (Only HOST IP).

Extended ACL

1) More flexible then Standard ACL.

2) You can filter packets by Host/Subnet as well as Protocol/TCPPort/UDPPort.

3) Best Practice is put restriction near form Destination Host/Subnet. (Interface-Outbound)

Leave a Reply

Your email address will not be published.