Home > ICND2 – Access list Questions

ICND2 – Access list Questions

November 2nd, 2017 in ICND2 200-105 Go to comments

Question 1

Explanation

The syntax of a named ACL is:

ip access-list {standard | extended} {name | number}

Therefore we can configure a standard acl with keyword “standard” and configure an extended acl with keyword “extended”. For example this is how to configure an named extended access-list:

Router(config)#ip access-list extended in_to_out permit tcp host 10.0.0.1 host 187.100.1.6 eq telnet

Question 2

Explanation

Below is the range of standard and extended access list:

Access list type Range
Standard 1-99, 1300-1999
Extended 100-199, 2000-2699

In most cases we only need to remember 1-99 is dedicated for standard access lists while 100 to 199 is dedicated for extended access lists.

Question 3

Explanation

The syntax of an extended acl is:

access-list access-list-number {permit | deny} protocol source-IP {source-mask} destination-IP {destination-mask} [eq destination-port]

-> We can define protocol, source & destination IP addresses, destination port number.

For example, we will create an extended ACL that will permit FTP traffic (port 20, 21) from network 10.0.0.0/8 to reach 187.100.1.6 but deny other traffic to go through:

Router(config)#access-list 101 permit tcp 10.0.0.0 0.255.255.255 187.100.1.6 0.0.0.0 eq 21
Router(config)#access-list 101 permit tcp 10.0.0.0 0.255.255.255 187.100.1.6 0.0.0.0 eq 20

Question 4

Explanation

We can have only 1 access list per protocol, per direction and per interface. It means:

+ We can not have 2 inbound access lists on an interface
+ We can have 1 inbound and 1 outbound access list on an interface

Question 5

Question 6

Question 7

Comments (14) Comments
  1. Anonymous
    March 23rd, 2017

    Just explain where are the questions ?

  2. guru
    March 24th, 2017

    Where are the questions amigo?

  3. icnd2 student
    March 29th, 2017
  4. Sparkey Yates
    May 11th, 2017

    Sorry, those are from 2015, icnd2 student. Not going to do us a lot of good.

  5. Nirbad
    May 16th, 2017

    dumps please…no fckn ads

  6. Gary
    May 29th, 2017

    Thanks Tim,
    Those dumps are still good, passed today using them.

  7. Anonymous
    June 14th, 2017

    @i am bhaskar, I have booked my CCNA 200-125 exam on 9 july, plz provide me ccna dumps 200-125 .email me details to (bhaskar.sapkota016 @ gmail dot ca)
    Thanks

  8. Jonas
    June 24th, 2017

    where are the questions

  9. Guy
    June 29th, 2017

    @Jonas

    The questions are visible if you are logged in as a premium member. Not bad at $9 for 45 days. I get really anxious before taking a test so when I did ICND1 I studied and then when I thought I was ready for the test I paid the 9 bucks, we through the tests here and after I felt confident I went in and took the test, it was a breeze.

    Hopefully ICND2 goes as easily.

  10. no
    July 30th, 2017

    Clarification requested: To verify ACLs, one CAN use the APIC-EM Path Trace (just called APIC-EM in the mult choice), but the Wireless LAN Controller absolutely verifies ACLs.

    Bogus answer in icnd2PDF.pdf?

  11. WizIT
    September 28th, 2017

    Hi All,
    I can see explanation of the question and the question number. Where is the real question? Can someone post all the questions please.

  12. Curtis
    November 24th, 2017

    CHeck out https://drive.google.com/open?id=0B5mAFqgydmCzNno3dnFocF9HckU there are a lot of useful stuff here

  13. Anonymous
    November 25th, 2017

    Hello, do you know that you have a few repeated questions here? There aren’t 11 questions actually…so you should remove those and just leave the 7 or 8 questions… I know this service is cheap but come on…I’ve noticed this issue in many of the topics.

  14. Anonymous
    November 29th, 2017

    passed my ccent with 856