Cisco Identity Services Engine: Configuring Web Authentication and DNS Traffic

Question

An engineer is configuring web authentication and needs to allow specific protocols to permit DNS traffic.

Which type of access list should be used for this configuration?

Answers

A. B. C. D.

Explanations

A.

To permit DNS traffic for web authentication, an extended ACL should be used.

Extended ACLs offer a greater degree of control over traffic filtering as compared to standard ACLs, which only allow the source IP address to be specified. Extended ACLs allow both the source and destination IP addresses, as well as the source and destination ports, to be specified. In this case, the engineer needs to allow specific protocols to permit DNS traffic, which requires filtering based on the destination port.

Reflexive ACLs, also known as IP session filtering, are used to allow return traffic for established connections initiated from within the network. They are not appropriate for this scenario as the traffic being filtered is inbound, not outbound.

Numbered ACLs and named ACLs are simply different ways to name and reference the same types of ACLs. They do not impact the functionality or suitability for this scenario.
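
The distinction drawn above, as an added IOS configuration example that is not part of the original page: a standard ACL next to extended ACLs in numbered and named form. The ACL numbers, the ACL name and the addresses (taken from the 192.0.2.0/24 and 198.51.100.0/24 documentation ranges) are constructed for illustration.

```cisco
! Constructed example; ACL numbers, name and addresses are assumptions.
!
! Standard ACL (numbers 1-99): matches on source address only,
! so it cannot single out DNS from any other traffic.
access-list 10 permit 192.0.2.0 0.0.0.255
!
! Extended ACL, numbered form (100-199): matches protocol, source,
! destination and port. DNS uses port 53 over both UDP and TCP.
access-list 110 permit udp any any eq domain
access-list 110 permit tcp any any eq domain
access-list 110 deny   ip any any
!
! Extended ACL, named form: same matching capabilities as the
! numbered form, only referenced by name instead of number.
! Here the destination is narrowed to one resolver
! (198.51.100.53, assumed) so that clients which have not yet
! authenticated can query only that server.
ip access-list extended WEBAUTH-DNS-EXAMPLE
 permit udp any host 198.51.100.53 eq domain
 permit tcp any host 198.51.100.53 eq domain
 deny   ip any any
```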