Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 94

Which outbound access list, applied to the WAN interface of a router, permits all traffic except for http traffic sourced from the workstation with IP address
10.10.10.1?

Answer options

• A. ip access-list extended 200 deny tcp host 10.10.10.1 eq 80 any permit ip any any
• B. ip access-list extended 10 deny tcp host 10.10.10.1 any eq 80 permit ip any any
• C. ip access-list extended NO_HTTP deny tcp host 10.10.10.1 any eq 80
• D. ip access-list extended 100 deny tcp host 10.10.10.1 any eq 80 permit ip any any

Correct answer: D

Explanation

The correct answer, D, effectively denies HTTP traffic from the specified IP while allowing all other types of traffic. Option A uses an incorrect access-list number and does not specify the necessary conditions correctly. Option B has a similar issue as it uses the wrong access-list number without fulfilling the requirements for HTTP denial. Option C does not include the permit statement for other traffic, making it incomplete.