Examveda
Examveda

You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of the following lists will you use?

A. access-list 10 deny 192.168.160.0 255.255.224.0

B. access-list 10 deny 192.168.160.0 0.0.191.255

C. access-list 10 deny 192.168.160.0 0.0.31.255

D. access-list 10 deny 192.168.0.0 0.0.31.255

Answer: Option C

Solution(By Examveda Team)

The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one less than the block size.

Join The Discussion

Related Questions on Security

If you wanted to deny FTP access from network 200.200.10.0 to network 200.199.11.0 but allow everything else, which of the following command strings is valid?

A. access-list 110 deny 200.200.10.0 to network 200.199.11.0 eq ftp
access-list 111 permit ip any 0.0.0.0 255.255.255.255

B. access-list 1 deny ftp 200.200.10.0 200.199.11.0 any any

C. access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp

D. access-list 198 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp
access-list 198 permit ip any 0.0.0.0 255.255.255.255