129 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 11
Copyright
©
2004, Cisco Systems, Inc.
Module 11 Summary
Before students take the final exam, they should have mastered the configuration and
placement of standard and extended IP access-lists.
Online assessment options include the end-of-module online quiz in the curriculum and the
online Module 11 exam. Formative assessments such as short paper quizzes that instruct
students to write out an access list in response to a scenario may help students achieve
mastery.
Students should understand the following main points:
•
ACLs perform several functions within a router, which includes the implementation
of security access procedures.
•
ACLs are used to control and manage traffic.
•
For some protocols, two ACLs can be applied to an interface, an inbound ACL and
an outbound ACL.
•
After a packet is matched to an ACL statement, it can be denied or permitted
access to the router.
•
Wildcard mask bits use the number one (1) and the number zero (0) to identify
how to treat the corresponding IP address bits.
•
Access list creation and application is verified through the use of various IOS
show
commands.
•
The two main types of ACLs are standard and extended.
•
Named ACLs allow access lists to be identified by names instead of numbers.
•
ACLs can be configured for all routed network protocols.
•
ACLs are placed where they allow the most efficient control.
•
ACLs are typically used in firewall routers.
•
Access lists can also restrict virtual terminal access to the router.