Re: how complicated are acls ?

From: sabrina pittarel (sabri_esame@yahoo.com)
Date: Sun Dec 17 2006 - 03:56:37 ART


Hi Kal,
read the question carefully and ask the proctor if there are ambiguities or you are unsure.
The way you arranged the question below is ambiguous, especially without a picture.
How many devices are in the subnet between the 2 routers? Do you want to allow telnet from all of them? If there is only one device and you are asked to allow telnet, should we assume that other devices can be connected into the subnet in future? Will they be allowed to telnet?

These are the questions I would ask you, if you were my proctor.
Sabrina

----- Original Message ----
From: Kal Han <calikali2006@gmail.com>
To: Groupstudy <security@groupstudy.com>; Cisco certification <ccielab@groupstudy.com>
Sent: Tuesday, December 12, 2006 8:50:08 PM
Subject: how complicated are acls ?

Hi
When configuring ACLs in the lab (time constraint factor), and if the question says allow telnet access to a router that has inbound access-lists configured on the interfaces, given that the router has 2 physical interfaces and 2 loopbacks, is it expected to write up all the possible ACLs?

*example*
permit tcp any router_int1_IP eq telnet
permit tcp any router_int2_IP eq telnet
permit tcp any router_loop1_IP eq telnet
permit tcp any router_loop2_IP eq telnet

or

just a "permit any any eq telnet" will be OK to use.

Please let me know.
It could be irritating to ask the proctor about this granular stuff sometimes...
(I understand it's more 'secure' to use the first one... but in terms of what the lab exam is testing... is it required?)

Thanks
Kal
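
Added example, not part of either message in this thread: a minimal first-match model of an inbound extended ACL comparing the two options Kal lists. The addresses are constructed stand-ins for router_int1_IP through router_loop2_IP, and the short form is modeled as "permit tcp any any eq telnet". It shows that both options admit telnet to the router itself, but only the any-any entry also admits transit telnet to hosts behind the router.

```python
# Added example with constructed addresses; all packets are assumed to be TCP.
from ipaddress import ip_address, ip_network

TELNET, SSH = 23, 22

# Hypothetical stand-ins for router_int1_IP, router_int2_IP, router_loop1_IP, router_loop2_IP.
ROUTER_IPS = ["192.0.2.1", "198.51.100.1", "10.255.0.1", "10.255.0.2"]

def entry(action, src, dst, dport):
    """Build one ACL entry: 'any' matches 0.0.0.0/0, a bare IP is a host (/32) match."""
    to_net = lambda a: ip_network("0.0.0.0/0" if a == "any" else a)
    return (action, to_net(src), to_net(dst), dport)

# Option 1 from the thread: one permit per router address.
SPECIFIC = [entry("permit", "any", ip, TELNET) for ip in ROUTER_IPS]
# Option 2 from the thread: a single any-any telnet permit.
BROAD = [entry("permit", "any", "any", TELNET)]

def evaluate(acl, src, dst, dport):
    """Return the action of the first matching entry, else the implicit deny."""
    for action, src_net, dst_net, port in acl:
        if ip_address(src) in src_net and ip_address(dst) in dst_net and dport == port:
            return action
    return "deny"

# Constructed packets arriving on the filtered interface: (source, destination, dest port).
SAMPLE_PACKETS = [
    ("203.0.113.10", "192.0.2.1", TELNET),    # telnet to a physical interface
    ("203.0.113.10", "10.255.0.2", TELNET),   # telnet to a loopback
    ("203.0.113.10", "172.16.5.20", TELNET),  # transit telnet to a host behind the router
    ("203.0.113.10", "192.0.2.1", SSH),       # not telnet: falls to the implicit deny
]

def compare(packets):
    """Return (destination, port, verdict under SPECIFIC, verdict under BROAD) per packet."""
    return [(dst, port, evaluate(SPECIFIC, src, dst, port), evaluate(BROAD, src, dst, port))
            for src, dst, port in packets]

if __name__ == "__main__":
    for dst, port, specific, broad in compare(SAMPLE_PACKETS):
        print(f"dst={dst:<12} port={port:<3} specific={specific:<6} any-any={broad}")
```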



This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:38 ART