Answer C is correct. ACLs are processed from top down. The first ACL entry that a packet matches is acted on (permit or deny), and the rest of the ACL entries aren’t considered. The host at 10.1.2.3 can access TCP port 80 because of the first line of the ACL. Not all hosts on the 220.127.116.11/24 subnet are allowed HTTP access to the hosts on 18.104.22.168/24, because there is no permit statement for that and because there is an implicit deny all at the end of an ACL. The same is true about all hosts on 10.1.2.0/24 not being all able to send ICMP ping requests. The deny statement for host 22.214.171.124 prevents the last option (fourth provided possible answer) from being true.
- Chapter Eleven. Troubleshooting
- from Cisco CCENT ICND1 100-101 Exam Cram, Second Edition
- Publisher: Pearson IT Certification
- Released: December 2013
This is SOOOOOO BAD....Answer A is correct. It says HTTPS which is 443 and there IS a permit statement for that. Also, like you say, answer C is correct.
Share this highlighthttp://www.safaribooksonline.com/a/cisco-ccent-icnd1/15211050/