Anda di halaman 1dari 1

Access-List Interview Questions

Q) What is Access-List?
A: Access-List is a method of providing basic level of network security
Q) What is the Function of Access-List?
A: Access-List is going to Filter incoming as well as outgoing traffic on the router interface.
Q) What is the Default Wildcard Mask for Access-List?
A: Default Wild Card Mask for Access-List is 0.0.0.0
Q) How many Access-List's can be created on the router?
A: --> 1 per Interface
--> 1 per Direction
--> 1 per Protocol
Q) What are the advantages of Standard ACL?
A: 1) Simple Packet Filtering Purpose
2) Limiting Access on VTY lines
3) Route Filtering
4) NAT
5) Route- MAPs
Q) What are the advantages of Extended ACL?
A: 1) Complex Packet Filtering Purpose
2) Route Filtering
3)VPN
4)TCP Intercept
5) IOS Firewall
Q) What is the difference between Standard ACL and Extended ACL?
A: 1) Standard ACL only checks Source IP address, Extended ACL checks Source IP, Destination IP

and Protocol also for filtering traffic.


2) Standard ACL can be created using number (1-99,1300-1999) and Extended ACL can be

created using number(100-199,2000-2699).


3) Two way communication is blocked in Standard ACL, One way communication is stopped in Extended ACL.
4) Standard ACL implemented near to destination, Extended ACL implemented near to Source.
Q) What is the difference between Numbered ACL and Named ACL?
A: 1) Numbered ACL is created by using number, Named ACL is created by using name,
2) Removing of specific statement is not possible in Numbered ACL, It is possible in Named ACL.

Q) What is the difference between IPV4 ACL and IPV6 ACL?

A: 1) No standard ACL in IPV6


2) No wildcard mask in IPV6 ACL
3) In IPV6 only Named ACL's are available,there is no numbered ACL.
Q) What is the difference between Access-group and Access-class command?
A: Access-group command is used to Filter traffic on the Interface ( Ethernet, Serial).
Access-class command is used to Filter traffic on Lines (Vty, Console,aux).
Q) What is the default action of ACL, if no condition matches in ACL?
A: Drop traffic
Q) Access Control Lists are Case-Sensitive or Case-Insensitive?
A: Case Sensitive
Q) Which Traffic is not filtered by ACL?

A: Traffic that is generated by the router itself, ACL is going to filter only transit traffic.