Help for this question pleas...........

huddahudda Member Posts: 101
Hi all, prepare my selfe for Security+ I have one question is not clear for me, when i practice many Q, i find this plz make it clear for me, here is the question.

which of the folloing security mechanisms can be used to control the flow of packets travling through routers?

A) ACL (Access Control List)
B) OSPF( Open Shortest Path First) Policy

I say B, but theen in the book it say A, how it could be? helpppppppppppp i am furstrated.


  • agustinchernitskyagustinchernitsky Member Posts: 299

    If you think B... you should revise your concepts... Read ahead:

    Your options are two:

    ACL: Access Control Lists
    OSPF: A routing protocol

    What you are getting wrong, I think, is that you think ACL are only for file systems... but remember, the mayority of the routers have firewall capabilities: packet filtering.

    Packet filtering consists of rules that control which packets can enter or leave the router. Sometimes, these "rules" are also called ACL... Cisco routers calls them that.

    So, the correct answer, is ACL.

    Why not OSPF?? Its a routing protocol... it says where to send the packet... it does not say if it can flow or not thru the router.

    Hope it helps... and don't get frustrated!! :D
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    Although you don't need to know in detail how access control lists work, here's some more information from our CCNA TechNotes:
  • huddahudda Member Posts: 101
    I thank you very much my dear!

    that is wat exactly i thought, ACL are only for file systems... as you said the majority of the routers have firewall capabilities: packet filtering, that is right, you got me on this one, icon_idea.gif

    icon_lol.gif I apreciate your quick respond!

  • Danman32Danman32 Member Posts: 1,243
    Uh, no. He said that ACLs are NOT only for file systems. ACL is for anything that is restricting access using a list of who or what can or cannot have access. In the case of a firewall, that would be packets based on the attributes of the packet. If you work with Cisco, they call the packet filter Access Control Lists (ACLs).

    I can see however a reason to think B, even though A is the better answer. The question was, what controls the flow of packets, not what allows packets through or not. OSPF in being a routing protocol would assist in determining where the packets go next, in other words where they would flow.

    Sometimes how we see questions and answers is like my friend who answered that Cinderella's slipper was made of sand, since glass is made of sand.
  • agustinchernitskyagustinchernitsky Member Posts: 299
    Hello Danman32,

    ...used to control the flow of packets travling through routers

    I agree that the question is not clear, but I'll stay with ACL. It should say something like "controlling the destination of the flow of packets" or something like that for routing .

    Besides, I interpret (this is me only) that it is talking about packets whose routing decision are already taken (packets travling through routers).

    As you say... Its a question of interpretation.
  • Danman32Danman32 Member Posts: 1,243
    I agree with you 100%. However, I was just giving a different point of view why someone might think B: routing.
  • agustinchernitskyagustinchernitsky Member Posts: 299
    And sure its a valid one!! That is part of the exam... they will make those type of questions... So hudda get prepared to see "beyond" of the question...

    May the force be with you.
  • Danman32Danman32 Member Posts: 1,243
    Just don't make the question more complex than it is, and answer 'sand' when they ask what Cinderella's slipper was made of.
  • huddahudda Member Posts: 101
    I thank you all, I will do the exam in a few days........ i think i got it all this time.............

  • Vask3nVask3n Member Posts: 517
    Good luck with your exam, Hudda. You should be fine if you studied the objectives.
    Working on MS-ISA at Western Governor's University
Sign In or Register to comment.