Question:
Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)
- Filter unwanted traffic before it travels onto a low-bandwidth link.
- Place standard ACLs close to the destination IP address of the traffic.
- Place standard ACLs close to the source IP address of the traffic.
- Place extended ACLs close to the destination IP address of the traffic.
- Place extended ACLs close to the source IP address of the traffic.
- For every inbound ACL placed on an interface, there should be a matching outbound ACL.
Explanation: Extended ACLs should be placed as close as possible to the source IP address, so that traffic that needs to be filtered does not cross the network and use network resources. Because standard ACLs do not specify a destination address, they should be placed as close to the destination as possible. Placing a standard ACL close to the source may have the effect of filtering all traffic, and limiting services to other hosts. Filtering unwanted traffic before it enters low-bandwidth links preserves bandwidth and supports network functionality. Decisions on placing ACLs inbound or outbound are dependent on the requirements to be met.
Exam with this question: CCNA 2 (v5.0.3 + v6.0) Chapter 7 Exam Answers
Exam with this question: Enterprise Networking, Security, and Automation ( Version 7.00) - ENSA Final Exam
Exam with this question: Practice Final - ENSA
Exam with this question: Network Security ( Version 1) - Network Security 1.0 Final Exam
Exam with this question: CCNA 2 v6 Chapter 7: Check Your Understanding
Exam with this question: CCNA 4 v6 Chapter 4: Check Your Understanding
Please login or Register to submit your answer