6.6. Answers to Review Questions

  1. B. Users who would normally be blocked by an ACL can just bring up a browser to get through the firewall and then authenticate on a TACACS+ or RADIUS server.

  2. C. Context-based Access Control (CBAC's) job is to scrutinize any and all traffic that's attempting to come through the firewall so it can find out about and control the state information for TCP and UDP sessions. And it uses that very information it's gathered to determine whether to create a temporary pathway into the firewall's access lists.

  3. A. Reflexive ACLs filter IP packets depending upon upper-layer session information, and they often permit outbound traffic to pass but place limitations on inbound traffic. You can't define reflexive ACLs with numbered ...

Get CCNA®: Cisco® Certified Network Associate: Fast Pass, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial