Which one of the access control list statements below will deny all telnet connections to subnet 10.10.1.0/24?

A. access-list 15 deny telnet any 10.10.1.0 0.0.0.255 eq 23
B. access-list 115 deny udp any 10.10.1.0 eq telnet
C. access-list 15 deny tcp 10.10.1.0 255.255.255.0 eq telnet
D. access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23
E. access-list 15 deny udp any 10.10.1.0 255.255.255.0 eq 23


Answer: D

Explanation:

Telnet uses port TCP port 23. Since we are using source and destination IP address information, an extended access list is required. Extended access lists are access lists in the 100-199 range.


Incorrect Answers:
A, C, E. These access lists are numbered 15. Standard access lists are numbered 1-99, and in this case an extended access lists is required.
B. This access list specifies UDP port 23, and TCP port 23 is the port used by telnet.
A groan grasps the peanut near the offending anthology.