Module 11 Summary

Before students take the final exam, they should have mastered the configuration and placement of standard and extended IP access-lists.

Online assessment options include the end-of-module online quiz in the curriculum and the online Module 11 exam. Formative assessments such as short paper quizzes that instruct students to write out an access list in response to a scenario may help students achieve mastery.

Students should understand the following main points:

ACLs perform several functions within a router, which includes the implementation of security access procedures.

ACLs are used to control and manage traffic.

For some protocols, two ACLs can be applied to an interface, an inbound ACL and an outbound ACL.

After a packet is matched to an ACL statement, it can be denied or permitted access to the router.

Wildcard mask bits use the number one (1) and the number zero (0) to identify how to treat the corresponding IP address bits.

Access list creation and application is verified through the use of various IOS show commands.

The two main types of ACLs are standard and extended.

Named ACLs allow access lists to be identified by names instead of numbers.

ACLs can be configured for all routed network protocols.

ACLs are placed where they allow the most efficient control.

ACLs are typically used in firewall routers.

Access lists can also restrict virtual terminal access to the router.

129 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 11

Copyright 2004, Cisco Systems, Inc.

Page 130
Image 130
Cisco Systems CCNA 2 manual Module 11 Summary