Refer to the exhibit.
Clients that are connected to Fa0/0 of RTA are only allowed to connect to the Internet and
networks, but not the networks on Fa1/0, Fa2/0, Fa3/0 and Fa4/0. To achieve this, you have
configured an ACL on RTA and applied it on the incoming direction of interface Fa0/0.
After you apply this ACL, you learn that some of these networks are still accessible for clients that
are connected to the 10.10.10.0/24 network. What is the correct ACL configuration to solve this
issue?
A.
access-list 101 deny ip any 10.1.0.0 0.0.1.255access-list 101 permit ip any any
B.
access-list 101 permit ip any 10.1.0.0 0.0.1.255access-list 101 deny ip any any
C.
access-list 101 deny ip any 10.1.0.0 0.0.252.255access-list 101 permit ip any any
D.
access-list 101 deny ip any 10.1.0.0 0.0.3.255access-list 101 permit ip any any
Explanation:
Access-lists use a wild card mask which is incorrectly configured in the above examplehttp://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a
.shtml