Cisco路由器执行show access-list命令显示如下一组信息： Sta

问题单项选择题

Cisco路由器执行show access-list命令显示如下一组信息：
Standard IP access list block
deny 10.0.0.0, wildcard bits 0.255.255.255 log
deny 172.16.0.0, wildcard bits 0.15.255.255
permit any
根据上述信息，正确的access-list配置是

A．Router(config) # access-list standard block
Router(config-std-nac1) # deny 10.0.0.0 255.0.0.0 log
Router(config-std-nac1) # deny 172.16.0.0 255.240.0.0
Router(config-std-nac1) # permit any

B．Router(config) # ip access-list standard block
Router(config-std-nac1) # permit any
Router(config-std-nac1) # deny 10.0.0.0 0.255.255.255 log
Router(config-std-nac1) # deny 172.16.0.0 0.15.255.255

C．Router(eonfig) # ip access-list standard block
Router(config-std-nac1) # deny 10.0.0.0 255.0.0.0 log
Router(config-std-nac1) # deny 172.16.0.0 255.240.0.0
Router(config-std-nac1) # permit any

D．Router(config) # ip access-list standard block
Router(config-std-nac1) # deny 10.0.0.0 0.255.255.255 log
Router(config-std-nac1) # deny 172.16.0.0 0.15.255.255
Router(config-std-nac1) # permit any

答案

参考答案：D

解析：在扩展或标准访问控制模式下，配置过滤准则的命令为：{permit | denyr} Protocol source wildcard-mask destination wildcard-mask [operator][operand]。因为wildcard-mask是子网掩码的反码，所以可判断D选项正确。