Cisco Certified Network Associate (CCNA) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Cisco Certified Network Associate (CCNA) Practice Exam. Test your knowledge with our interactive quizzes featuring multiple choice questions, hints, and explanations. Equip yourself for success!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

Where should an extended access list be placed in a network?

  1. Closest to the source

  2. Closest to the destination

  3. At the perimeter

  4. At the data center

The correct answer is: Closest to the source

Placing an extended access list closest to the source is considered best practice because it allows you to filter traffic before it traverses the network, effectively reducing unnecessary load on network devices and bandwidth. By implementing the access control at the source, you can prevent unwanted traffic from entering the network segment entirely. This approach enhances security by denying access to potentially malicious traffic early in its journey. When you place an access list closer to the destination, there's a likelihood that unwanted traffic will still consume network resources before being denied, which can lead to inefficiencies. While placing access lists at the perimeter can provide a level of security, it may still allow unwanted traffic to affect internal networks. Similarly, an access list implemented solely at the data center would not address security considerations for traffic originating from other parts of the network. Overall, positioning the extended access list near the source allows for optimal management of network traffic and enhances overall security posture.

More Questions Like This