A network administrator at a medium-sized enterprise is configuring an extended ACL on the main router to restrict access to a secure server subnet that hosts sensitive client data. The server network is 192.168.5.0/24. Only devices on the administration team's subnet, 10.10.10.0/24, should be able to reach this server network. Which of the following ACL statements accomplishes this requirement?
permit ip any 192.168.5.0 0.0.0.255
permit ip 10.10.10.0 0.0.0.255 any
permit ip 10.10.10.0 0.0.0.255 192.168.5.0 0.0.0.255
permit ip 192.168.5.0 0.0.0.255 10.10.10.0 0.0.0.255
An extended ACL entry must include the protocol keyword followed by the source and destination networks with their wildcard masks. The line "permit ip 10.10.10.0 0.0.0.255 192.168.5.0 0.0.0.255" allows any IP traffic originating from the 10.10.10.0/24 subnet to reach any host on the 192.168.5.0/24 subnet. Because an implicit "deny ip any any" follows the ACL, all other source networks are automatically blocked from reaching the server subnet. The other options either reverse the source and destination fields, permit all sources, or fail to limit the destination network, so they do not meet the requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an ACL in networking?
Open an interactive chat with Bash
What do the numbers in 192.168.5.0/24 mean?
Open an interactive chat with Bash
What is the difference between a permit and deny rule in an ACL?