You're reading from Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide Begin a successful career in networking with CCNA 200-301 certification

Product type Paperback

Published in Nov 2020

Publisher Packt

ISBN-13 9781800208094

Length 764 pages

Edition 1st Edition

Tools

Cisco

Concepts

Network Security

Author (1):

Glen D. Singh

View More author details

Table of Contents (26) Chapters

Preface

1. Section 1: Network Fundamentals

2. Chapter 1: Introduction to Networking FREE CHAPTER

3. Chapter 2: Getting Started with Cisco IOS Devices

4. Chapter 3: IP Addressing and Subnetting

5. Chapter 4: Detecting Physical Issues, Wireless Architectures, and Virtualization

6. Section 2: Network Access

7. Chapter 5: Implementing VLANs, Layer 2 Discovery Protocols, and EtherChannels

8. Chapter 6: Understanding and Configuring Spanning-Tree

9. Section 3: IP Connectivity

10. Chapter 7: Interpreting Routing Components

11. Chapter 8: Understanding First Hop Redundancy, Static and Dynamic Routing

12. Section 4: IP Services

13. Chapter 9: Configuring Network Address Translation (NAT)

14. Chapter 10: Implementing Network Services and IP Operations

15. Section 5: Security Fundamentals

16. Chapter 11: Exploring Network Security

17. Chapter 12: Configuring Device Access Control and VPNs

18. Chapter 13: Implementing Access Control Lists

19. Chapter 14: Implementing Layer 2 and Wireless Security

20. Section 6: Automation and Programmability

21. Chapter 15: Network Automation and Programmability Techniques

22. Chapter 16: Mock Exam 1

23. Chapter 17: Mock Exam 2

24. Assessments

25. Other Books You May Enjoy

Leave a review - let other readers know what you think

ACL wildcard masks

When creating an ACE, you may need to specify a network ID and the subnet mask. However, within ACLs and ACEs, you cannot use a subnet mask as Cisco IOS on the router was not built or designed to accept subnet masks as part of an ACE. ACLs use a wildcard mask, which is a 32-bit binary string used by the Cisco IOS router to determine which bits within the address to match and which bits to ignore.

As with a subnet mask, ones and zeroes are used to indicate the network and host portions of an IP address. For example, the ones within a subnet mask are used to identify the network portion of an address, while the zeroes are used to identify the host portion. Within a wildcard mask, these bits are used for a different purpose. Here, the ones and zeroes are used to filter either a group of addresses or a single IP address to decide whether to permit or deny access to a network resource.

In a wildcard mask, the zeroes are used to match the corresponding bit value...