Cisco Certified Network Associate (CCNA) Practice Exam

Which command would you use to verify which interfaces are affected by an ACL issue?

• A. #show ip interface
• B. #display ip interface
• C. #check ip interface
• D. #show acl interfaces

The correct answer is: #show ip interface

The command "#show ip interface" is used to display the status and configuration of all interfaces on a Cisco device, including information about access control lists (ACLs) that are applied to each interface. By using this command, you can determine which interfaces have an ACL applied, view their current operational status, IP address configuration, and whether the ACL is permitting or denying traffic. This command provides crucial insights when troubleshooting ACL issues, as it enables you to quickly identify any interfaces that may be experiencing traffic blockage due to the rules set in the applied ACLs. For example, if an ACL is configured to deny certain types of traffic on a specific interface, observing the output of this command can help you confirm that the ACL is in effect on that interface, leading to a more targeted troubleshooting approach. The other choices do not provide the relevant information needed for this scenario. "Display ip interface" is not a recognized command in Cisco IOS for interface verification. "Check ip interface" is also not a valid command. "Show acl interfaces" might sound similar but doesn't reflect the official syntax or the comprehensive details regarding interfaces and their ACL configurations. Hence, utilizing the "#show ip interface" command is the most effective method for verifying interface ACL issues.