300-101 Question 216

陳罐西

QUESTION 216
which access list used to filter upper layer protocol ?
A. extended acl
B. standart acl
C. reflexive acl
D. time based acl
E. dynamic acl
Correct Answer: A

这个题结合后面的拖图题
正确答案应该是C才对吧

hexadecimalbabi

我也有發現，你是對的
思科網站也有答案
Reflexive access lists
provide the ability to filter network traffic at a router, based on IP upper-layer protocol “session” information.

Rockyw

感谢楼主分享！

19920119

我也認同
Reflexive Access Lists
Reflexive access lists provide filtering on upper-layer IP protocol sessions. They contain temporary entries that are automatically created when a new IP session begins. They are nested within extended, named IP access lists that are applied to an interface. Reflexive access lists are typically configured on border routers, which pass traffic between an internal and external network. These are often firewall routers. Reflexive access lists do not end with an implicit deny statement because they are nested within an access list and the subsequent statements need to be examined.

伟健ROCK

这个题貌似我也考到，怪不得不知道错哪呢，应该题库里面有些答案本身就错误的。

sonson1977

hexadecimalbabi 发表于 2017-11-12 20:14
我也有發現，你是對的
思科網站也有答案
Reflexive access lists

多謝分享...

byronyj

感謝樓主！

SennaWen

Extended ACLs
Extended ACLs filter IP packets based on protocol type, source and destination IP address, source TCP or UDP ports, destination TCP or UDP ports and optional protocol type information for finger granularity control.

Reflexive ACLs
Reflexive ACLs allow IP packets to be filtered based on upper-layer session information. Generally are used to allow outbound traffic and to limit inbound traffic by using sessions that originate inside the router. When a router sees a new outbound connection it adds an entry to a temporary ACL to allow replies back into the network. Reflexive ACLs can be defined only with an extended named IP ACL. They cannot be defined with numbered or standard named ACLs or with other protocols.

q466265670

学习