Module 8: Best Practices (Cont.)

Module 8: Best Practices (Cont.)

Module 8: Best Practices (Cont.)

• Use the topology in 8.6.1 and zoom in on it.
• Tell the class “The R1 G0/0 interface should filter incoming user traffic and the S0/0/0 interface is connected to the internet.”
• Ask the class “What type of incoming traffic should be filtered by G0/0?” Elicit answers such as user IP and ICMP traffic.
• Ask the class “What type of incoming traffic should be filtered on S0/0/0?” Elicit answers such return user IP traffic and ICMP traffic.

Topic 8.7

• Ask the class “How do you create an IPv6 ACL?” Students will likely have some knowledge of IPv6 ACL basics. Elicit answers such as IPv6 ACLs function in a similar manner to IPv4 ACLs but there are no standard ACLs; only extended IPv6 ACLs. IPv6 ACLs include three implicit statements at the end; two permit icmp ACEs for neighbor discovery and ends with an implicit deny ipv6 any any ACE.

Module 8: Access Control Lists

Module 8: Access Control Lists

Networking Security v1.0

(NETSEC)

Module Objectives

Module Title: Access Control Lists

Module Objective: Implement access control lists (ACLs) to filter traffic and mitigate network attacks on a network.

Topic Title	Topic Objective
Introduction to Access Control Lists	Describe standard and extended ACLs.
Wildcard Masks	Explain how ACLs use wildcard masks.
Configure ACLs	Explain how to configure ACLs.
Modify ACLs	Use sequence numbers to edit existing standard IPv4 ACLs.
Implement ACLs	Implement ACLs.

Download 3.75 Mb.

Share with your friends: