Exam 300-101 | Question id=432 | Infrastructure Security |
Refer to the following access list.
Access-list 100 permit ip any any log
After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this?
A. |
A packet that matches access-list with the “log” keyword is Cisco Express Forwarding switched. | |
B. |
A packet that matches access-list with the "log" keyword is fast switched | |
C. |
A packet that matches access-list with the "log" keyword is process switched. | |
D. |
A large amount of IP traffic is being permitted on the router. |
Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled access control entries (ACEs) and the generation and transmission of log messages.
Reference