Q1 What is the purpose of configuring an ACL?

1. Traffic filtering & Network Performance.

2. Network more secure by denying unwanted or malious traffic
3. Prevents unwanted traffic, saving network bandwidth,
4. More efficient and secure network, this is accomplished by a series of permit or deny statements.
5. Traffic can be permitted or denied based on source and destination IP and Mac Address, Protocols or port
numbers.
6. Must be at least one permit statement, or all traffic will be denied.
7. Implicit deny statement at the end of every ACL.
8. Used to ID which internal IP address should be translated by NAT or PAT
9. ACL's also ID traffic for advanced features such as QoS & queuing to central VTY access.

q2 What are 3 differences between a standard and extended ACL

Standards ACL simplest to create

1. Filter traffic based on Source IP
2. Permit Deny traffic based on an entire protocol
3. If a host or network are denied by a standard acl all services from that host or network are denied.
4. ACL's have a number range from 1-99 and 1300-1999
5. Standards ACL goes as close to the destination as possible.

Extended ACL's
1. More complex
2. Can filter traffic bases on source and Destination Addresses, Protocols, & Port numbers
3. More popular due to flexibility and specific nature to provide greater control
4. Number range 100-199 and 2000-2689
5. Extended ACL is placed as close to the source as possible

Q3. What is the purpose of a wildcard mask?

1. Block multiple addresses or range of addresses with 1 statement

2. Provide more flexibility
3. Uses a "0" in the statement indicate the portion of the IP that must match
4. "1"s in a statement indicate the portion that does not have to match
5. If 0.0.0.0 means the entire IP address must match
6. A wildcard mask is an inverse subnet mask.

Q4. What is the general rule for the placing of a standard ACL?

1. Place them as close to the destination as possible

2. Filters bases on source IP address
3. Filters traffic without regards for type or destination
4. Placed closed to the source could block traffic that is allowed.

5. Extended ACL are placed close to the source, blocked traffic won't pass over the network, wont consume
bandwidth

Q5. Write an extended ACL that will allow the host 192.168.10.5 FTP access to the
network 192.20.1.0 /29?

router freak (config)# Access-list 101 permit TCP host 192.168.10.5 192.168.4.0 0.0.0.7 range 20 21
Router freak (config)# Access-list 101 permit any any
Page 1 of 4
Q6. What is the difference between start up config and running config?

Startup config
 Saved in NVRAM
 sets properties of the device each time it is powered on.
 Device powered up loads IOS into RAM
 When the start-up config file is copied from the NVRAM to RAM the file becomes the running config file.

Running Config:
 File in RAM
 Determines how the device operates on the network
 Contains a list of commands
 Changes to the running config can be made when the file is in RA<
 Changes will be lost when the device is powered off, unless they are copied to the startup config by the
command copy run start

Q8 ID 3 interfaces you would see on a router and explain there function

1. Serial interface
2. Fast Ethernet
3. Console Port

Serial Interface:
 Used to connect WANs. WAN connections need a serial provider
 Slower
 Require more config, must determine the type of connection and encapsulation & protocol
 Encapsulation must be the same both ends

Fast Ethernet
 Connect to a switch, allowing multiple hosts to connect and use the same gateway

Console Port
 Out of Band management,
 initial config

Q9. The show version command would show you?

 Cisco ISO software version

 RAM & CPU
 Type of router
 NVRAM
 Flash memory

Q10 0x12102 is the default config register for Cisco routers what is the boot sequence.

 Performs POST
 POST tests router hardware.
 BOOTSTRAP is loaded
 Bootstrap locates the IOS, usually from flash, loads into RAM

Page 2 of 4
  Seeks Start-up Config, usually in NVRAM, if the file cannot be found prompts the user to enter setup mode.

Q11.

What command prompted this output?

Show IP router Command

How many networks are directly connected?

3

what does the value 120 refer to and the 1 refer to?
120 = the administrative distance of the routing protocol - in this case RIP.
1= the hop count

what does the R mean?

R = Rip routing Protocol

Which device does the IP 172.17.0.1 belong to?

to the neighbouring router, Interface serial 0/0

In the routers learned via R which device is S 0/0 referring to?

Interface of the router you are logged into

Draw a diagram of a network from the output shown?

192.168.1.1

192.168.3.1 Serial 0/0

192.168.3.0
Network
R1 R2 192.168.1.0
Network

FA 0/0 FA 0/1
192.168.2.1
192.168.4.1 172.17.0.1

192.168.4.0
Network

192.168.2.0
Write out the default route to the network 172.17.0.2 Network
IP route 0.0.0.0 0.0.0.0 172.17.0.2

you could also have the exit int which would have prevented a thing called recursive look up meaning the routing
table had to be looked up twice for the network address and a second time for exit int.

Page 3 of 4
Q12 Name 2 router config register setting and say where they tell the router to boot
from?

0X2412: Ignore contents of NVRAM

0X2120 Boot to ROM MON mode - like safe mode on PC.

Q13. Give 4 similarities and 2 differences between RIP V1 and RIP v2

Similarities
 Admin distance of 120
 uses hop count as its metric
 Max of 15 hops
 TTL of 16 hops
 Default 30 second update

Differences:
 RIP V2 can support VLSM and CIDR
 Auto route summarization can be turned off in RIP V2
 RIP V2 supports Authentication

Q14 Give an example of a link state protool and give 2 characteristics of it?

OSPF = open Shortest Path First

 Do not send frequent periodic updates of the entire routing table
 Uses small hello packets to form neighbours addresses

 Require more complex configurtion and Planning

 Contains entire view of the network from their point of view.

Q15 what is the difference between interior and exterior routing protocols?

Interior routing Protocols:

 Handle routing within an AS - generally under one comapnys control
 IGP figure how how to get inrom around the network on their own.
 Used to get network communications with each other eg, RIP, EIGRP

OSPF:
 Used on outside of network - eg internet
 EGP handles routing outside and AS
 Get you from your network onto the internet and to another network

BGP:
 Used by companies with more than one internet provider -
 most popular used over 90% co's around the world.

Page 4 of 4