In the following example, you forgot to enter an ACE to deny the user at IP address 192.168.10.10. Which command would correctly enter the ACE to filter this address?
R1# show access-lists
Extended IP access list PERMIT-NET
10 permit ip 192.168.10.0 0.0.0.255 any
20 permit ip 192.168.11.0 0.0.0.255 any
R1#
- deny ip host 192.168.10.10
- 5 deny ip host 192.168.10.10
- 15 deny ip host 192.168.10.10
- 25 deny ip host 192.168.10.10
Explanation: The host must be filtered first, so adding sequence 5 at the beginning of the ACE would insert it before the 192.168.10.0/24 network is permitted.
Exam with this question: 5.5.4 Module Quiz - ACLs for IPv4 Configuration
Please login or Register to submit your answer