You are a network administrator, and you are configuring an access list to permit Hypertext Transfer Protocol (HTTP) traffic based on the source and destination IP
address of the devices.
What access list (ACL), protocol, and port number will you configure to permit HTTP traffic? (Choose three.)
A.
23
B.
80
C.
TCP
D.
UDP
E.
Standard
F.
Extended
Explanation:
An extendedACL can filter network traffic on the basis of source and destination IP address, the transport layer protocol (such as TCP or UDP), and the port
number. HTTP, or general Web traffic, uses TCP at the Transport layer and port 80. More port numbers commonly used in ACLs include:– HTTPS 443
– FTP 20, 21
– Telnet 23
– DNS 53
– SMTP 25
Standard ACLs can filter only on the source IP address inside a packet, whereas an extended ACL can filter on the source and destination IP addresses in the
packet, the IP protocol, and protocol information such as the destination port number. An extended ACL therefore allows you to filter more precisely. For example,
you can filter a specific Telnet session from one of your users’ PCs to a remote Telnet server. Standard ACLs do not support this form of granularity. With a
standard ACL, you can either permit or deny all traffic from a specific source device.
Port 23 is incorrect because this port is used by Telnet. Therefore, port 23 does not need to be configured to permit HTTP traffic.
UDP is incorrect because HTTP uses TCP.
Standard ACLs cannot filter traffic based on the destination IP addresses. Therefore, this option is incorrect.
Objective:
Infrastructure Services
Sub-Objective:
Configure, verify, and troubleshoot IPv4 standard numbered and named access list for routed interfaceshttps://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html
https://www.cisco.com/c/en/us/td/docs/ios/sec_data_plane/configuration/guide/12_4/sec_data_plane_12_4_book/sec_access_list_ov.html