Announcement

Collapse
No announcement yet.

cisco acl

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • cisco acl

    Hi,
    I came across a question which is as below:


    Have an access list which denies access to all hosts that lie within the range 192.168.160.0-192.168.191.0. Hosts in the 192.168.195.0 network should be granted full access. Which one of the following answer choices fulfills your needs?

    A. access-list 1 deny 192.168.163.0 0.0.0.255
    B. access-list 1 deny 192.168.128.0 0.0.127.255
    C. access-list 1 deny 192.168.0.0 0.0.255.255
    D. access-list 1 deny 192.168.0.0 0.0.31.255


    The answer is D. But i couldn't get it clearly... will anyone kindly explain it ?

    Thank you


  • #2
    Re: cisco acl

    Where did you find that question?
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: cisco acl

      First of all you need to summaries the denied space, from 192.168.160.0 to 192.168.190.0 :
      160 : 1010 0000
      190 : 1011 1110
      as you can see : the first 3 bits are the same; the summary network is : 192.168.160.0 mask 255.255.224.0 and the resulted wildcard : 0.0.31.255.
      All this means that the command must be :
      Code:
      access-list 1 deny 192.168.160.0 0.0.31.255

      Comment

      Working...
      X