Which statement represents a difference between an access list on an ASA versus an access list on a router?

– by 8

Which statement represents a difference between an access list on an ASA versus an access list on a router?
A. The ASA does not support standard access lists
B. The ASA does not ever use a wildcard mask
C. The ASA does not support numbered access lists
D. The ASA does not support extended access lists

cisco-exams

8 thoughts on “Which statement represents a difference between an access list on an ASA versus an access list on a router?

  2. The most significant difference between an access list on an ASA versus an access list on a router is that the ASA never ever uses a wildcard mask.

    Reply

  3. this is answer B , because ASA don’t use wild card but it use Standard ACL for OSPF

    Standard ACLs
    Unlike on other platforms, the ASA does not support the use of standard ACLs for controlling traffic. They are used only in some limited Open Shortest Path First (OSPF) configurations.

    Reply

  5. ASA does use standard ACLs: “Standard ACLs identify the destination IP addresses of OSPF routes and can be used in a route map for OSPF redistribution. Standard ACLs cannot be applied to interfaces to control traffic. ”

    B is the correct answer. There are no wildcard masks on an ASA.

    Reply

  7. I think that the an extended acl by default already does not use a wildcard mask but just a subnet mask

    hostname(config)# access-list ACL_IN extended deny tcp 192.168.1.0 255.255.255.0
    209.165.201.0 255.255.255.224
    hostname(config)# access-list ACL_IN extended permit ip any any

    If you want to restrict access to selected hosts only, then enter a limited permit ACE. By default, all other traffic is denied unless explicitly permitted.
    hostname(config)# access-list ACL_IN extended permit ip 192.168.1.0 255.255.255.0
    209.165.201.0 255.255.255.224

    these examples are on Cisco’s site talking about Extended ACLs. I had this question at one time also, and I wanted to try answering your question in hopes that I could better understand it.

    I hope this helped us both, good luck on your test

    Reply

  8. B. The ASA does not ever use a wildcard mask

    I know that asa doesnt use wildcard masks . only pix firewall the old i think uses a wildcard mask
    why B isnot the correct answer?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.