Which type of Cisco ASA access list entry can be configured to match multiple entries in a single statement?
A.
nested object-class
B.
class-map
C.
extended wildcard matching
D.
object groups
Explanation:
Which type of Cisco ASA access list entry can be configured to match multiple entries in a single statement?
Which type of Cisco ASA access list entry can be configured to match multiple entries in a single statement?
D.
object groups
An object group is a configuration item on the ASA that refers to one or more items. It refers to one or more IP addresses or network address ranges.
If an object group has four IP addresses in it, and we use that object group in a single entry of an access lists that permits TCP traffic to the object group, in effect we are allowing TCP traffic to each of those four IP addresses that are in the group.
Answer D
in some sites: this is a blessing
in others….its a curse.