Upgrade to remove ads
Security Chap4 Quiz
Get Quizlet's official CCNA - 1 term, 1 practice question, 1 full practice test
Terms in this set (14)
What are two characteristics of ACLs? (Choose two.)
Extended ACLs can filter on destination TCP and UDP ports.
Extended ACLs can filter on source and destination IP addresse
What is one advantage of using a next-generation firewall rather than a stateful firewall?
proactive rather than reactive protection from Internet threats
What is the result in the self zone if a router is the source or destination of traffic?
All traffic is permitted.
The inspect action in a Cisco IOS Zone-Based Policy Firewall configures Cisco IOS _____packet inspection
Which statement is a characteristic of a packet filtering firewall?
They are susceptible to IP spoofing.
Which ICMP message type should be stopped inbound?
Which two types of addresses should be denied inbound on a router interface that attaches to the Internet? (Choose two.)
private IP addresses
any IP address that starts with the number 127
The _______action in a Cisco IOS Zone-Based Policy Firewall is similar to a deny statement in an ACL.
Where would the following ACE be placed?
permit icmp any any nd-na
on an IPv6-enabled router interface that connects to another router
Where is the firewall policy applied when using Classic Firewall?
Consider the access list command applied outbound on a router serial interface.
access-list 100 deny icmp 192.168.10.0 0.0.0.255 any echo reply
What is the effect of applying this access list command?
No traffic will be allowed outbound on the serial interface.
Which statement describes a stateful firewall?
It can determine if the connection is in the initiation, data transfer, or termination phase.
What is one benefit of using a next-generation firewall rather than a stateful firewall?
integrated use of an intrusion prevention system (IPS)
Consider the configured access list.
R1# show access-lists
extended IP access list 100
deny tcp host 10.1.1.2 host 10.1.1.1 eq telnet
deny tcp host 10.1.2.2 host 10.1.2.1 eq telnet
permit ip any any (15 matches)
What are two characteristics of this access list? (Choose two.)
The access list has been applied to an interface.
Any device on the 10.1.1.0/24 network (except the 10.1.1.2 device) can telnet to the router that has the IP address 10.1.1.1 assigned.
THIS SET IS OFTEN IN FOLDERS WITH...
Security Chap3 Quiz
Security Chap5 Quiz
Security Chap6 Quiz
Security Chap2 Quiz
YOU MIGHT ALSO LIKE...
Chapter 4 Test Security
CCNA Routing and Switching Essentials Ch…
NET 226 - Chapters 3 & 4
Chapter 9 Semester 2 Vocab
OTHER SETS BY THIS CREATOR
Security Chap1 Quiz
Security Chap2 Exam