Introducing Cisco Data Center Networking (DCICN) — Question 60

What is the correct format of an access control list on a Cisco Nexus switch to only permit unencrypted Web traffic from the 172.16.1.0/25 network to destination host 10.10.1.110?

Answer options

• A. N5K-A(config)# ip access-list 101 N5K-A(config-acl)# permit tcp host 172.16.1.0/25 any eq 80
• B. N5K-A(config)# ip access-list 101 N5K-A(config-acl)# permit tcp 172.16.1.0 255.255.255.128 any eq 80
• C. N5K-A(config)# ip access-list 101 N5K-A(config-acl)# permit tcp 172.16.1.0/25 any eq 80
• D. N5K-A(config)# access-list 101 permit tcp 172.16.1.0/25 0.0.0.128 eq 80
• E. N5K-A(config)# ip access-list 101

Correct answer: C

Explanation

Option C is correct as it properly configures the access control list to permit TCP traffic from the 172.16.1.0/25 network to any destination on port 80. Option A incorrectly uses 'host' syntax which is not valid for a subnet, while option B uses a subnet mask instead of CIDR notation. Option D uses an incorrect wildcard mask format.