Describe the three types of complex ACLs and their functions.
Dynamic (lock-and-key):
- Dynamic ACLs use an extended ACL to block users from traversing a router until they use Telnet or SSH to connect to the router and are authenticated.
- After being authenticated, specific dynamic ACL entries are activated on the ACL applied to the interface.
- These entries remain active for a specific period and then expire.
- This enables a user to authenticate and access resources that normally would be denied. Dynamic ACLs can be combined with other types of ACLs, such as extended ACLs.
Reflexive:
- Reflexive ACLs automatically create temporary entries based on upper-layer session information.
- The entries are automatically deleted when the session ends.
Time-based:
- Time-based ACLs are similar to extended ACLs in function, but they allow access control based on time.
- A time range defines specific times of the day and days of the week at which the ACLs are implemented.
Exam with this question: EWAN v4 Chapter 5 Check Your Understanding: Access Control Lists
Please login or Register to submit your answer