CCNA Access List Sim

Are these simulations enough for my ccna exam???
i am givin my ccna exam on 16th aug, if any body has the latest dumps please mail me at rashant_7@yahoo.com….

We focused on the question C. After reading the explanation of webmaster, i think that this shows several issues that are right!, but, i think that we need pay attention on the subnet address of the Serial0/0/1 interface on the router, this IP has relation with the wildcard mask of access-list 115, only in this case, anyone host would be sent traffic to another host in different subnet, even to the router.

I suggest that first check the IP address and mask in the interface where will configure the access-list, then see the answers access-list and determine the best answer for this specific case.

Question C = Question 3 for above comment.

@alberto if you mean to suggest that the answer for Q3 is C then you couldn’t possibly be wronger than that. If telnet fails, as it seems to suggest on answer C, so will ftp and everything else.
ACL 115 doesn’t even specify any port in particular.

How to verify the answer ?

Hey Guys,for the question 2,pass4sure dumps say option C is correct that tcp and udp traffic will not be allowed and ip traffic would be passed.here i see a different answer.i guess in todd’s book its mentioned tht if use ip first then u cant specify application layer protocol later.and access-list 115 uses ip only.so obviously u cant specify application layer protocol.so tcp and udp traffic will be dropped and only ip will be passed..thats y i think pass4sure has option C as the answer and not B as on 9tut. need feedback..????

@Deepti,
where i can get pass4sure latest dumps. please let me know i m taking exam this month end

Answer is “A”.
ACL 115 states to permit source host address that has IP address with the fourth octet “0″. You can never have a match with this statement because any IP address that has its fourth octet with a value of “0″ will always be a network address, no matter what the subnetmask is. And a network address will never be a source IP. therefore you can never satisfy that statement. So implicit deny all will take effect causing no host to connect through router s0/0/0.
Please comment if someone else agrees with me.

thanks….

my mistake.. Applies only for /24 onwards.

Regarding the confusion over question 3

Here is the command as issued:
access-list 115 permit ip 0.0.0.0 255.255.255.0 any

if my understanding is correct, 0.0.0.0 matches any host ip address, so that part is fine

however, 255.255.255.0 is supposed to be a wildcard mask, which would make the first three octets zero, and the last would be a 0-255 value for the net mask. i have never seen a net mask that looks like 0.0.0.240 or the like.

so it looks to me as if A is the correct answer simply because no incoming packet can have this value for a net mask.

if i’m completely off my rocker, hopefully someone will point it out :)

Shaun, you had a problem with 255.255.255.0 being a legitimate wildcard mask. So do I.
You also wrote the following ” … i have never seen a net mask (wildcard mask is the correct term here) that looks like 0.0.0.240 or the like …

I agree ! Proper netmasks should look like 0.0.0.3, 0.0.0.7, 0.0.0.15, 0.0.0.31, 0.0.0.63, 0.0.0.127, and 0.0.0.255

Yes, that’s mostly what I meant.

The original wildcard mask is listed as 255.255.255.0

In terms of net mask, that looks like 0.0.0.

My conclusion was based on never having seen a net mask that looks like that. My guess is they didn’t translate the net mask into a wildcard mask . . .

@3rd Question:
access-list 115 permit ip 0.0.0.0 255.255.255.0 any
“only host with ip addresses in the form of x.x.x.0 will be accepted”

the router at the other end of that serial link could never have the IP of 10.45.45.0, that IP is illegal on the 10.45.45.0/24 network. this means that nothing on the other end of the serial link or beyond that could connect to the configured router.

answer A, perfectly correct

This website has really been a blessing to me.
I’ll be writing my ccna exam by the end of this month, pls if anybody has the latest dumps, kindly send to my mail, Snowflakes162003@yahoo.com. God bless you.

Someones probably said this but I don’t want to look, the reason that A is right in the final question is because the netmask of the f0/0 network is 255.255.255.0

Therefore, hosts are all coming from the last 8 bits, therefore the wildcard of 255.255.255.0 would accept all bits in the first 24 bits or the network address, but always match 0 in the last 8 host bits. Therefore the only address that are accepted are x.x.x.0 with no exception. Hope that helps.

its from ICND 2 ??

Hey Guys! Did you download the simulation file ACL1 above from this page ? If u did, have u performed the command “show running-config” and see the following line:

line vty 0 4
login

This means the vty line password wasn’t set and even if we issue command ” ip access-group 114 in” on the interface f0/0, we CAN NOT telnet the Router from the switch. In this case, the switch can ping the router and vice versa. So, according to me, the right answer for the question 2 is:

A. Attempts to telnet to the router would fail

Or the one who created the simulation forgot to set the line vty password!
What do you think ?

what’s the router’s Enable password in this sim?
http://www.9tut.com/download/9tut.com_CCNA_Access_List_Sim.pkt

@Hi: You can find the password in the description of this lab (It is “cisco”).

Hi Zackie, I agree with your anser to Q2.
the login command enabled password check on line vty 0 4, but there is no password which means the access to virtual terminal (no matter which interface) is denied.

@9tut: thanks, I found the password in anther sim :)

need some help on ccna exam module

Well, for me the correct answer is B.

Telnet and ping could work, because if any other host from a /23 subnet, with an IP X.X.X.0/23 (indeed possible) tries, the router will allow that traffic through that interface. However, routing updates are all multicast for this router´s config: 224.0.0.5,224.0.0.6,224.0.0.9, 224.0.0.10, and none of them will be allowed to come into the router.

the sh ip int bri clearly show that s0/0/1 is administatively down,thus could not fw any packet

For question 2 the correct answer is B because it´s reffered to the command ip access-group 114 in and it´s effects on the network. Telnet will really not work but not because that specific command. There is no relationship in my point of view.

thankful to every user who has contributed to 9tut, it made me achieve CCNA certification today :)

almost all question were from Cisco.TestInside.640-802.v17.14.by.Acme.356q.vce and simulations were same as on this site.

@AAMIR: What are the simulations you have got? could you share some questions ?

The answer is A.

I have setup the packet tracer sim with a router on Ser0/0/1. I try to telnet from that router to the IP address 10.45.45.1 and can’t connect with the default ACL. I also setup SSH on the Routers. I can SSH to 10.45.45.1, but when you place ACL 115 on that interface both SSH and Telent stop working. You also start getting routing update errors and other communication problems. 0.0.0.0 255.255.255.0, means that any thing matching 0.0.0.x (where x is a number between 0 – 255) should be permitted, but is any IP that starts with 0 valid? No.

Hello Folks,

For anyone who might want the new CCNP CBT Nuggets videos, i have them all now ROUTE, SWITCH and TSHOOT. contact me if u are interested.

keziemi@gmail.com

i give exam within 25th sep to 30th september,anybody tell me about the lattest dumps??
pls help me………

I have pass the exam today, thanks to 9tut and everyone else who was supporting me.

I recommend to Shaun’s talk

Regarding the question posed at the end of the SIM:

“But what will happen if we don’t use a subnet mask of 255.255.255.0? For example we can use an ip address of 10.45.45.0 255.255.0.0, such a host with that ip address exists and we can connect to the router through that host. Now answer A seems incorrect!”

Not so! We know that the ip address of s0/0/1 is 10.45.45.1/24. So no host with an IP address outside of that subnet can connect anyway, irregardless of the ACL bound to that interface. Answer A is correct given the parameters of the SIM.

FOR Q3 “C” IS THE ANSWER for access-list 102 is applied on “inbound” on S/0/0/1 and in the Q3 says if access-list 115 is applied on “outbound” what would be the outcome. So 2 different access-lists such as 102 and 115 can be applied. and the latter would not affect the former coz both are applied on different bounds.

Hi all ‘;’;For this sim, we have to apply comment and verify before answering or what???
Please help…..Thanks/

Hi Everyone,

I passed today with a score of 973

Basis this experience I can say acme dump and simulations on this website are enough to help clear the exam.

Thanks to whoever had given the acme dump link and thanks to 9tut for the simulations.

hey guys some of the answers here are wrong with regards to the ACL questions when u use the packet tracer

can some help with the wild card calculation pls!!

@emmanuel

so…
you have to think like this:
what is the first IP i have to filter?
what is the last IP i have to filter?
do i have any IPs between the first and last IP that shouldn’t be filter like those 2?
do i have any IPs inside the wildcard i will use that shouldn’t be filtered?

case 1:
first IP: 10.0.1.25
last IP: 10.0.7.44
now the questions.
if i have no problems filtering the IPs between 1.25 and 7.44 then i can think of a big wildcard mask

i’m thinking of using a mask of 0.0.7.255
this would be perfect for the range in question.
if there are no problems filtering the IPs from 10.0.0.1 to 10.0.1.24 then i can use this wildard mask
if there are no problems filtering the IPs from 10.0.7.45 to 10.0.7.254 then i can use this wildcard mask

if everything is ok then my answer is: 10.0.0.0 0.0.7.255

case 2:
i want to filter IPs starting at 10.0.1.25, ending at 10.0.1.52
and
filter IPs starting at 10.0.7.34, ending at 10.0.7.45

now i have to think of 2 wildcard masks.
the first would be a block of 0.63
the second would be a block of 0.15

*********************

what’s with the block sizes?
they are the reverse of subnet masks.
subnet masks are somthing like:

0 – 256 IPs (we count the subnet ID and the broadcast IP too)
128 – 128 IPs
192 – 64
224 – 32
240 – 16
248 – 8
252 – 4
254 – 2 (not usable if in 4th octet)
255 – 1 (not usable if in 4th octet)

now let’s think of wildcard masks. they work this way:
you start at a certain point, you cover a certain range.

usable blocks:

0 – only this one
1 – not usable in first octet
3 – filter 4 IPs, starts at a multiple of 4 (0 is a multiple of 4 too! 0*4=0!)
7 – filter 8 IPs, starts at a multiple of 8
15 – filter 16 IPs, starts at M16
31 – filter 32, starts at M32
63 – filter 64, starts at M64
127 – filter 128, starts at M128 (starts at 0 or 128)
255 – filter 256 IPs (counting from 0 to 255 you have 256 IPs). this also translates to “all possible values in this octet and the octets after this one

you see the relation between them?
my subnetwork is 172.20.7.32 /28 = 255.255.255.240 (has 16 IPs, 14 usable)
if i want to filter this entire subnet i will use which wildcard mask? 0.0.0.15 (filters 16 IPs).
from where does the filtering start? from the multiple of 16: 32.
172.20.7.32 0.0.0.15

my subnetwork is 62.34.34.0/24
i want to filter from 62.34.34.8 to 62.34.34.15
look again: from 8 to 15. those could very well go into a subnet of their own, right? a subnet with a mask of 248.
we do this simple math: 255-248=7.
wilcard to use: 0.0.0.7 (set 7 in 4th octet because that where we are filtering on this case)
starting IP? multiple of (7+1 = 8). we start at 8.

subnet: 23.223.65.0 /16
i want to filter: from 23.223.65.0 to 23.223.65.65
i will use 3 wildcard masks for this:
0.0.0.63 to filter from .0 to .63
0.0.0.0 to filter .64
0.0.0.0 to filter .65

i could’ve used a big wildcard mask: 0.0.0.127, but then i had problems with the IPs outside my interest: from .66 to .126

******************

i hope this helps you, cheers

mistype:
usable blocks:

0 – only this one
1 – not usable in *last* octet

Cleared CCNA today, so funny 1000/1000 is my score, ACL, EIGRP, VTP (all here in 9tut), 53 questions, about 3 to 5 question not in collisio/acme but manageable anyway. Thanks 9TUT CCIP here i come.

@xallax

in the question 2 the option A is also true as i think so !!!

A – Attempts to telnet to the router would fail
B – It would allow all traffic from the 10.4.4.0 network

because we have denied the telnet session in the access list so if we will request for the telnet to the router then it will deny so in this way option A is also true?

is it true as per the my thinking or not? please explain …. help me out!!!!!!!

What is valid reason for a switch to deny port access to new devices when port security is enabled?
A. The denied MAC addresses have already been learned or confgured on another secure interface in the
same VLAN.
B. The denied MAC address are statically configured on the port.
C. The minimum MAC threshold has been reached.
D. The absolute aging times for the denied MAC addresses have expired.

answer in dump was given B. but I think it is C. so please someone clarify my problem

@piyush

there is the only one way to deny the new device from the existing switch by the configuring the static port security to the switch……

so in the question they have writen “valid reason for a switch to deny port access to new devices” ….. in this way they want the reason and the reason is only one that is static port security dont allow the new device untill we manually allow that device on the perticular port of switch……so the answer is B ans surly corect piyush….

@xallax
i would got in the wrong way in the question 2 so i understud now and the answer which is given is true!!!

@piyush @suraj
this question has been asked and answered on todd lammle’s forum
the answer is A.

http://www.lammle.com/discussion/showthread.php?s=e0e332e4f9464ae4b46c4a122092e2b4&p=10222&mode=linear#post10222

@xallax i read the post but what is wrong with option C. if maximum number of mac address that are allowed by switch are learned then also it will not allow the new device to be connected… please explain

@xallas my mistake now i m sure abt answer. thanks for help :-)

Hi all,

i will going to take my exam by the end of october…….can anybody tell me the latest dumps??

Is collisio the latest……….????

I am preparing through it…….

hi please anyone help me i am going to give the exam on 15 oct please tell me which dumps should i go for & lab also
if u have dumps please send me the link

What happen if I have this subnet 172.16.0.0 / 23

I can have a host ip address starting on 0

this is my first subnet 172.16.0.0 to 172.16.2.255

so the ip add 172.16.1.0 is a use host ip address… you can apply it

I think the ans A to Q3 is the correct because the access-list 115 don’t use an specify protocol. Plus the subnet on s0/0/0 dont match the requirements of the crazy: permit ip 0.0.0.0 255.255.255.0 any.

I apply this ip to my computer with no problem

ip 172.16.1.0
mask 255.255.254.0
default gateway 172.16.0.1

I am confused, can someone please explain me 1 question, as per downloaded sim, question says 106 to be removed and add in 104, but 104 does permit ping, so how is 104 addition is valid, please help.

@Ram
The following 2 lines fix the requirement by allowing Ping.

access-list 104 permit icmp any any echo
access-list 104 deny icmp any any echo-reply

access-list 104 permit tcp any any eq ftp
access-list 104 deny tcp any any eq telnet
access-list 104 permit icmp any any echo
access-list 104 deny icmp any any echo-reply
access-list 104 permit ip any any

i am going on 21 oct for exam plzzzzz help me in my exam sims and dums i am confused so plz tel me urgently plzzzzzzzzzzzzz frnds
umar.raza03@gmail.
plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

shall we answer the 2 & 3 questions without doing sim in real exam

@9tut or Xalax:::::from where can i download the packet tracer v5.3 so that i can open up the labs???

@9tut
will save the link for future use, thanks

@9tut: It’s about your comment to Q3:

“But here raise a question…

The wildcard mask of access-list 115, which is 255.255.255.0, means that only host with ip addresses in the form of x.x.x.0 will be accepted. But we all know that x.x.x.0 is likely to be a network address so the answer A: “no host could connect to Router through s0/0/1” seems right…

But what will happen if we don’t use a subnet mask of 255.255.255.0? For example we can use an ip address of 10.45.45.0 255.255.0.0, such a host with that ip address exists and we can connect to the router through that host. Now answer A seems incorrect!

Please comment if you have any idea for this sim!”

Answer A will be incorrect only for another ip address mask of S0/0/1 interface i.e. for mask 255.x.0.0 then x<255 (0, 128, 192, 224, 240, 248, 252, 254)
But in our case IP address of s0/0/1 is 10.45.45.1/24 so answer A will be correct and for mask 255.255.0.0 in the ACL 115.

process of elimination:
A – No host could connect to Router through s0/0/1
if the host is on 10.0.0.0/23 then 10.0.1.0 could connect…
if the host is on 10.0.0.0/8 then 10.200.250.0 could connect…
any kind of traffic allowed to come in from those IPs
weird option, but this is the only one left standing

B – Telnet and ping would work but routing updates would fail.
telnet would work (no ACL applied to VTY lines)
ping would work from 10.0.1.0/23 (for example)
not a passive interface, it would receive routing updates. invalid option.

C – FTP, FTP-DATA, echo, and www would work but telnet would fail
all traffic is allowed to come in, telnet is no exception. invalid option.

D – Only traffic from the 10.4.4.0 network would pass through the interface
well, actually 10.4.4.0 is the only IP permitted to go in and that’s the network ID on this case. no way a host would have it as its IP. invalid option.

i think option A should better be changed from:
“No host could connect to Router through s0/0/1″ to
“Not all hosts could connect to Router through s0/0/1″…

weird question, weird answer

I think we have to remember about “Occam’s razor” and choose an answer for the network on the picture. It’s a small network with private IP addresses and only 3 networks connected to the router:
F0/0 – 10.4.4.0/24
S0/0/0.1 – 10.140.3.0/24
s0/0/1 – 10.45.45.0/24
And in this case – option “A” is correct.
If we’ll have more complex network an answer “A” will be incorrect too.

hi everybody!
I’ll pass ccna next week, if anyone has the latest dumps please send it to me hind.honey@yahoo.fr
thank you

SO does dat mean dat the original subnet mask for access-list 115 was 0.0.0.255 which i have never seen before?

hello everyone my exam on 19 oct please tell me which sims should i go for & please tell me about any modification in the exam

9tut please upload modified sims

i have studied acme 486 vce & 9 tut sims
is this enough
please tell thanks in advance

Do we have to correct the configuration during the exam?

I passed my CCNA today.. Thanks to 9tut and examcollection

hey all about the last qus.. here he wrote the the access list 115 assuming the addrissing scope that he have this simulation have the addresses :
1- 172.16.4.0/24
2-10.145.145.0/24
3-10.4.4.0/24
4-10.140.3.0
5-10.15.15.0/24

all of them are claas are subnetted with 255.255.255.0 so the WCM is 0.0.0.255 then when we use the 0.0.0.0 255.255.255.0 in ACL this means IGNORE the 255′s OCT’s and look in the 0′s oct’s and we all know that if we have a claas (C ) ip address we cant assign for example 192.168.1.0/24 for a host so the answer is A :D

Understand Access Control Lists.

http://www.info-it.net/cisco/ccna/Baisc-Access-List.html

For Q3, ans A is correct as we cant have 2 “INBOUND” acls on an interface….102 gets overwritten by 115 and 115 allows a n x.x.x.0 address which is not possible as it is a network address and cant be assigned to a host.Thumbs up for 9tut :]

For the sake of sanity, guys, STOP saying that a host address ending in 0 is not valid!!!

xallax, and others above him, did show you clear enough that any host which is part of a network with a netmask equal or less than /23, CAN have the last octet with a 0 value!

@lydia: wilcard masks shouldn’t be thought as necessarily having to have an inverse that makes a valid subnet mask. This approach is true only when translating subnet mask -> wildcard mask, but not the other way around.

Wildcard masks can be used to select discontinuous ranges of IP addresses.

E.g. a wildcard mask of 0.0.0.254 will select every second IP address in a /24 range.
A wildcard mask of 0.0.254.255 will select every second /23 network in a given range (it will be the even or the odd value of the 3rd octet depending on the IP address that’s in front of the wildcard mask).

There are even much more complex examples of discontiguous IP ranges which are selectable by wildcard masks, so while a simple wildcard mask can be derived by inversing a subnet mask, the vice-versa is not always true.

Hey guys I dont know why you argue about Q3, it is all correct.

ACL says: permit ip 0.0.0.0 255.255.255.0 any
meaning those first three octets can be anything and the last one has to be 0.

If we look under serial 0/0/1 interface we see that it has IP address of 10.45.45.1. and subnet mask of 255.255.255.0, meaning that a host to be possible to transmit data to this interface must be in same subnet (must have first three octet 10.45.45 and last one octet, a valid IP host address 1-253).

Due to fact our access list says last octet has to be 0, even though first three can match 10.45.45, last one is invalid (because it is subnetwork address), and we all know that is not valid host address to send to interface serial 0/0/1.

I hope i helped-

“For example we can use an ip address of 10.45.45.0 255.255.0.0, such a host with that ip address exists and we can connect to the router through that host. Now answer A seems incorrect!”

Again you won’t be able to access s0/0/1 not because of the access list, but because the host will be on different subnet than the interface.

If you put them on the same subnet then you’ll need another answer which will state that all hosts with ip addresses that satisfy the condition ip= x.x.x.0/16 and that are not network or broadcast will access the router.

Thankxxx Guysssss……..

@9tut,
Do you have .pka and .pkt files that are compatible with Packet Tracer version 4.1? I would love to run your simulations but i have an older version of packet tracer. If yes, please send to krs828@yahoo.com

TIA, /KRS

this site is extremely helpful to pass the CCNA exam. Thank you guys for all the sims and questions on this site. just go through all the sims and the 665q dumbs.. study the sims and concept mainly.. you learn a lot from these questions and thus you can handle almost any ccna question from the enhanced knowledge you get through these dumbs and sims. my advice is to use these material positively to enhance your knowledge and thus help yourself to pass CCNA. GOD bless!!

@KRS: It’s a pity we don’t have older version of these sims.

@krs
you can visit this forum and get some info regarding the latest version of packettracer
http://www.certprepare.com/forum/index.php?showtopic=1664

Dears
if you have any latest dumps please send me because my exam is on this week end

hossam.saber4@gmail.com

thnx in advance

how do you very these questions?? im writing tomorrow, any help would be appreciated.

much thanks and Good Luck

i dont hv any knowlenge on d CCNA SIM can i still pass ccna 640-802

hello there…

Can someone plz explain why cant switch ping router 10.4.4.3 in first place?

i think when it tries to ping router’s fa0/0 it generates echo request, so the access list shouldnt block it….

comments plz..

Hi All,
I have gone through the discussion regarding ques3. May be i meed something here. So what is the correct answer for this question?

AGAIN FOR NEVER-ENDING ->>> Q3 << IS CORRECT ANSWER.

FAQs for those whom had doubt about:
Q1: Network addresses (eg. 10.2.3.0) can’t be assigned to an interface:
A1: WRONG!!! (it always depends of mask, eg. of valid IP of interface: 10.2.3.0 255.255.252.0

Q2: If network address can be assigned to an interface, then A is incorrect answer
A1: WRONG!!! In this particular task interface S0/0/1 has mask of /24 therefore
you can not reach it from zero network address ip (10.2.3.0) because all of these kind of addresses will be from different subnet.

Question is tricky but very clear after all -> If it still makes no sense to you, repeat subnetting section from your course materials!
Good luck champs!

A -> IS CORRECT ANSWER.
(see above, (sorry it deleted part of my post somehow)

God bless u 9tut love all the stuff available on the site… really great full to the team of 9tut me going to attempt exam on 23rd dec hoping for good results…

Option A is correct for the third question. If you notice, ospf is running for interface in question and the ACL 115 would not allow neighbours to be formed hence no host on this interface.

router ospf 100
log-adjacency-changes
network 10.4.4.3 0.0.0.0 area 0
network 10.45.45.1 0.0.0.0 area 0
network 10.140.3.2 0.0.0.0 area 0
network 192.168.2.62 0.0.0.0 area 0

Pls infom to me new dump send this emailid mayur.shrikar@gmail.com.
I wait u r reply, I hops to any frd to help me us… thanks but i waiting u r reply..

if anybody has latest pass4sure dumps or any other valid dumps other than collisio 486q then please mail them to me .. at rishiraj1989@hotmail.com

9Tut and zallax nice jobs!!!!!!

i been Following you guys for 15 days .

9TUT:- For Q3 (Please comment if you have any idea for this sim)

what i feel is ,the network which connect to s0/0/1 will have 24 bit mask (to be on same subnet),so anyways for x.x.x.0(i care),0 will never be assigned to any host
so acl 115 fits well.and hence ans should be A.

@manoj
yes, answer A is true on this scenario, but 9tut’s explanation also covers the case with subnets on a class A network.

my email is kun23m@yahoo.vom
send me the latest exams question

@ Q3

We have wild card mask as 0.0.0.255 it means
00000000.00000000.00000000.11111111

and ip add as 0.0.0.0

which in return means
that access list will check only the fourth octet and it doesnt care about 1st 2nd and 3rd octet because of wildcard mask, if the fourth octet is exactly same it will permit it

Suppose we have ip add of
10.0.0.0/23
now the range of first 2 subnets as
1)10.0.0.0-10.0.1.255
2)10.0.2.0-10.0.3.255

The valid range is obviously removing the net id and broadcast it

Therefore Valid range is
10.0.0.1-10.0.1.254
and
10.0.2.1-10.0.3.255

We can place any ip add from the valid range to any device and still the IP will we valid
so lets take 10.0.1.0 from the first subnet
If access list 115 have to process this ip that is 10.0.1.0/23 it will permit because:
1) 10.0.1.0/23 is a valid IP address and it can be assigned to any device
2) the wildcard mask is 255.255.255.0 which means that access list will only check the fourth octet if its same it will permit it therefore in this case ip address 10.0.1.’0′/23 will be permitted as the fourth octet of 0.0.0.’0′ 255.255.255.0 is same

Q3 option A seems invalid
But remember that we are applying access list on s0/0/1 usually serial interface use mask of /30 right ?

keeping that in mind option A seems right but its obviously not perfectly correct

Hi Friends,

How do i post questions with screens. I have some doubts and wanted to ask them. Please let me know if there is a way to do on this site

I am going to give my paper this month.. any latest dumps or suggestions will be appreciated.

friend4you1@hotmail.com

I belive the answer for Q3 is B.The explanations are alredy said.I only add : routing updates
come from neighbours, in that case with a source address from 10.45.45.0/24 network and because of /24 would not pass.