Which statement is FALSE with respect to access lists?
- every rule is examined before a decision is made
- the order of the rules is important
- the rules in the list are examined from top to bottom
- the first rule match is applied
Every rule is NOT necessarily examined. An access list is a list of rules defined in a specific order. The rules are examined from the top of the list to the bottom. When one of the rules is encountered which matches the traffic type of the packet being examined, the action specified in that rule is taken and no more rules are examined.
The order of the rules is important. For example, examine this set of conceptual rules:
Allow traffic from subnet 192.168.5.0/24
Deny traffic from host 192.168.5.5/32
The second rule would never be invoked: 192.168.5.5 falls inside 192.168.5.0/24, so the first rule always matches its traffic and evaluation stops there. A rule that can never match because an earlier, broader rule already covers it is said to be shadowed; to make the host deny effective, it must be placed above the subnet allow.
If all of the rules in a set are examined and none match the packet, the packet is dropped by an implicit deny-all at the end of every set. This implicit rule cannot be removed; if the intended policy is to allow traffic that no earlier rule matched, an explicit allow-all rule must be added as the last entry of the set. Otherwise the safe default of denying unmatched traffic applies.
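The evaluation rules above (top to bottom, first match wins, implicit deny when nothing matches) can be made concrete with a small reference evaluator. The following is an added example written for this page, not vendor code or code from the original answer; the rule syntax (`permit`/`deny` followed by a source prefix or `any`) and the `ACL_LINES` sample list are constructed for illustration. It also includes a shadowed-rule check, which flags exactly the ordering mistake from the example rules above.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    source: ipaddress.IPv4Network    # source prefix this rule matches


def parse_acl(lines: List[str]) -> List[Rule]:
    """Parse constructed ACL text such as 'permit 192.168.5.0/24' or 'deny any'.

    Rules keep the order they are written in, because order is what the
    first-match algorithm depends on.
    """
    rules: List[Rule] = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        action, src = line.split()
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action in rule: {line!r}")
        if src == "any":
            net = ipaddress.IPv4Network("0.0.0.0/0")
        else:
            # strict=False quietly masks host bits, e.g. 192.168.5.5/24 becomes
            # 192.168.5.0/24; that is why a single host must be written as /32.
            net = ipaddress.IPv4Network(src, strict=False)
        rules.append(Rule(action, net))
    return rules


def evaluate(rules: List[Rule], src_ip: str) -> Tuple[str, Optional[int]]:
    """First-match evaluation of a source address against an ordered rule list.

    Returns (action, index of the rule that matched). Falling off the end of the
    list returns ('deny', None): the implicit deny-all that every set carries.
    """
    ip = ipaddress.IPv4Address(src_ip)
    for index, rule in enumerate(rules):
        if ip in rule.source:
            return rule.action, index      # stop at the first match
    return "deny", None                    # implicit deny: no rule matched


def shadowed_rules(rules: List[Rule]) -> List[int]:
    """Return indexes of rules that can never match.

    A rule is shadowed when some earlier rule's prefix already contains its
    entire prefix: every packet it could match is claimed first by that rule.
    """
    shadowed = []
    for index, rule in enumerate(rules):
        if any(rule.source.subnet_of(earlier.source) for earlier in rules[:index]):
            shadowed.append(index)
    return shadowed


# Constructed sample: the mis-ordered pair from the explanation above.
ACL_LINES = [
    "permit 192.168.5.0/24",
    "deny 192.168.5.5/32",
]

# Same two rules, deny placed first so the host block actually takes effect.
ACL_LINES_FIXED = [
    "deny 192.168.5.5/32",
    "permit 192.168.5.0/24",
]


if __name__ == "__main__":
    for name, lines in (("mis-ordered", ACL_LINES), ("fixed", ACL_LINES_FIXED)):
        rules = parse_acl(lines)
        print(name, "192.168.5.5 ->", evaluate(rules, "192.168.5.5"))
        print(name, "10.0.0.1    ->", evaluate(rules, "10.0.0.1"))
        print(name, "shadowed rule indexes:", shadowed_rules(rules))
```

Running it shows 192.168.5.5 being permitted by rule 0 in the mis-ordered list while rule 1 is reported as shadowed; with the order swapped the host is denied by rule 0 and nothing is shadowed. An address from 10.0.0.0/8 is denied with no matching rule in both cases, which is the implicit deny; appending `permit any` as the final line is the only way to change that outcome.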
Objective: Network Concepts
Sub-Objective: Describe the operation of ACLs applied filters on the interfaces of network devices