Which keywords can be substituted for access list wildcards while configuring access lists? (Choose two.)
A.
all
B.
any
C.
host
D.
range
E.
subnet
Explanation:
The keywords any and host can be substituted for access list wildcards. These keywords make the access list configuration easy.
The any keyword is used for a wildcard referring to all devices. The equivalent wildcard is 255.255.255.255. For example:
Router(config)# access-list 10 deny any
or
Router(config)# access-list 15 deny 0.0.0.0 255.255.255.255
Standard access lists 10 and 15 deny packets from all source IP addresses and produce the same result.If you have to configure an access list with only one source or destination IP address, you can use the host keyword. The host keyword is equivalent to the 0.0.0.0
wildcard. For example, if you must permit IP address 192.168.144.25, you can configure the following:
Router(config)# access-list 20 permit 192.168.144.25 0.0.0.0
or
Router(config)# access-list 20 permit host 192.168.144.25
The keywords all and subnet are invalid keywords. The keyword range cannot be used as a substitute for wild cards but it can be with access lists to specify a range
of port numbers such as:
access-list 101 permit tcp any any range 1024 65535
Objective:
Infrastructure Services
Sub-Objective:
Configure, verify, and troubleshoot IPv4 standard numbered and named access list for routed interfaceshttps://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html