1. What are the permit or deny statements in an ACL called?
- access control entries
- arbitrary statements
- content control entries
- control statements
Explanation: The sequential list of permit and deny statements in an ACL are called access control entries (ACEs).
2. Which packet filtering statement is true?
- Extended ACLs filter at Layer 3 only.
- Extended ACLs filter at Layer 4 only.
- Standard ACLs filter at Layer 3 only.
- Standard ACLs filter at Layer 4 only.
Explanation: Standard ACLs filter at Layer 3 only.
3. Which statement about the operation of a standard ACL is incorrect?
- The router extracts the source IPv4 address from the packet header.
- The router starts at the top of the ACL and compares the address to each ACE in sequential order.
- When a match is made, the ACE either permits or denies the packet, and any remaining ACEs are not analyzed.
- If there are no matching ACEs in the ACL, the packet is forwarded because there is an implicit permit ACE automatically applied to all ACLs.
Explanation: If there is no matching ACE in the ACL, the packet is discarded because of the implicit deny ACE automatically applied to all ACLs.