What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish?
router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log
router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
router (config)#access-list 101 permit ip any any
router (config)#interface fastEthernet 1/0
router (config-if)#ip access-group 101 in
A . It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts.
B . It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the Internet
C . It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts.
D . It prevents private internal addresses to be accessed directly from outside.
Answer: C
Explanation:
The private IP address ranges defined in RFC 1918 are as follows:
Leave a Reply