A network engineer runs the following command on Router R1:
R1# show access-lists
Extended IP access list 101
10 permit tcp 192.168.1.0 0.0.0.255 any eq 80 (10 matches)
20 deny tcp any host 10.1.1.1 eq 22 (5 matches)
30 permit icmp any any (2 matches)
40 deny ip any any (1 match)Based on this output, which statement is correct?
Trap 1: All traffic is permitted because line 40 has only 1 match.
Line 40 is a deny statement; its matches indicate traffic being denied, not permitted.
Trap 2: The ACL has no effect because it is not applied to an interface.
The output does not indicate whether the ACL is applied; it only shows the ACL contents and match counts.
- A
Traffic matching line 10 is permitted and counted correctly.
Line 10 has 10 matches and is a permit statement, so traffic matching it is permitted.
- B
All traffic is permitted because line 40 has only 1 match.
Why wrong: Line 40 is a deny statement; its matches indicate traffic being denied, not permitted.
- C
Line 20 denies SSH traffic to host 10.1.1.1, and 5 packets matched.
Line 20 denies TCP port 22 (SSH) to host 10.1.1.1, with 5 matches.
- D
The ACL has no effect because it is not applied to an interface.
Why wrong: The output does not indicate whether the ACL is applied; it only shows the ACL contents and match counts.