CCNA ACL

CCNA Practice questions on ACL

Question 1

Which field in an TCP/IP packet can a standard ACL look to make a decision

a. source port
b. destination port
c. source IP address
d. destination IP address.

Question 2

Which field in an TCP/IP packet can an extended ACL look to make a decision

a. destination IP address
b. destination port
c. source IP address
d. All of the above

Question 3.

Access lists are applied globally on the router (True or False)

Question 4.

What wild card mask can be used to block the network 192.168.1.0/24.

a. 0.0.0.255
b. 0.0.255.255.
c. 255.255.0.0
d. 255.255.255.255

Question 5.

Which type of ACL can be used to block access to a FTP server

a.Standard ACL
b.Extended ACL
c.Reflexive ACL
d.Named ACL.

Video Course – Cisco CCNA: Vlans, Access-List & NAT + Bonus Material!

Question 6

Which type of ACL can be used to permit access from a specific source.

a.Standard ACL
b.Extended ACL
c.Reflexive ACL
d.Named ACL.

Question 7

Which command is used to apply an ACL on an interface

a. access-list
b. access-group
c. ip access-list
d. ip access-group

Answers

c
d
False
a
b
a
d

Explanation

1. Standard ACL’s can look only into the source IP address in the IP header.
2. Extended ACL’s can look into the destination port, source and destination IP address in an IP header.
3. access lists are configured globally but applied on specific interfaces.
4. The mask 0.0.0.255 is used.
5. FTP server works on TCP port 20 and 21. So an extended ACL would be required to configure access control based on port numbers.
6. Standard ACL would suffice to permit traffic from specific source address.
7. ip access-group command is used for the purpose.

Video Course – Cisco CCNA: Vlans, Access-List & NAT + Bonus Material!

Ebooks & Guides – Click Here