What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)

IT Questions BankCategory: CCNAWhat two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)
What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.) 1ITExamAnswers Staff asked 9 months ago

What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)

  • access-list 100 deny ip 10.1.1.1 255.255.255.255 192.168.0.0 0.0.255.255
  • access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255
  • access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1
  • access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255
  • access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 0.0.0.0
  • access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 255.255.255.255

Explanation: There are two ways to identify a single host in an access list entry. One, is to use the host keyword with the host IP address, the other is to use a wildcard mask of 0.0.0.0 with the host IP address. The source of the traffic to be inspected by the access list goes first in the syntax and the destination goes last.

More Questions: CCNA 4 Chapter 4 Exam Answers


Related Articles