Which type of network masking is used when Cisco IOS access control lists are configured?
A.
extended subnet masking
B.
standard subnet masking
C.
priority masking
D.
wildcard masking
Explanation:
http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a008014f945.shtml
Conduct a Risk Analysis
A risk analysis should identify the risks to your network, network resources, and data. This doesn’t
mean you should identify every possible entry point to the network, nor every possible means of
attack. The intent of a risk analysis is to identify portions of your network, assign a threat rating to
each portion, and apply an appropriate level of security. This helps maintain a workable balance
between security and required network access.
Assign each network resource one of the following three risk levels:
Low Risk Systems or data that if compromised (data viewed by unauthorized personnel, data
corrupted, or data lost) would not disrupt the business or cause legal or financial ramifications. The
targeted system or data can be easily restored and does not permit further access of other
systems.
Medium Risk Systems or data that if compromised (data viewed by unauthorized personnel, data
corrupted, or data lost) would cause a moderate disruption in the business, minor legal or financialramifications, or provide further access to other systems. The targeted system or data requires a
moderate effort to restore or the restoration process is disruptive to the system.
High Risk Systems or data that if compromised (data viewed by unauthorized personnel, data
corrupted, or data lost) would cause an extreme disruption in the business, cause major legal or
financial ramifications, or threaten the health and safety of a person. The targeted system or data
requires significant effort to restore or the restoration process is disruptive to the business or other
systems.
Assign a risk level to each of the following: core network devices, distribution network devices,
access network devices, network monitoring devices (SNMP monitors and RMON probes),
network security devices (RADIUS and TACACS), e-mail systems, network file servers, network
print servers, network application servers (DNS and DHCP), data application servers (Oracle or
other standalone applications), desktop computers, and other devices (standalone print servers
and network fax machines).
Network equipment such as switches, routers, DNS servers, and DHCP servers can allow further
access into the network, and are therefore either medium or high risk devices. It is also possible
that corruption of this equipment could cause the network itself to collapse. Such a failure can be
extremely disruptive to the business.