Using Cisco IOS, which two object-group options will permit networks 10.1.1.0/24 and 10.1.2.0/24 to host 192.168.5.1 port 80 and 443? (Choose 2.)
Click on the arrows to vote for the correct answer
A. B. C. D.AD.
The correct answers are B and C.
Answer A is incorrect because the "range" keyword does not accept multiple ranges, so it should be either "range 10.1.1.0 10.1.1.255" or "range 10.1.2.0 10.1.2.255" to specify each network range individually. Additionally, the "tcp source gt 1024" statement is not necessary as it allows any source port greater than 1024, which is the default behavior anyway.
Answer B is correct because it uses the correct syntax for object-group network and specifies both network ranges using the wildcard mask "0.0.0.255". It also correctly specifies the destination host and the required TCP ports for HTTP traffic. Finally, it uses an extended IP access list to permit the traffic.
Answer C is also correct, but instead of using the wildcard mask, it specifies the network ranges using the subnet mask "255.255.255.0". Otherwise, it is the same as answer B.
Answer D is incorrect because it includes the unnecessary "tcp source gt 1024" statement, and it uses an extended IP access list but does not specify the object-groups in the correct order. The correct syntax for the extended IP access list should be "permit object-group HTTP object-group SOURCE object-group DESTINATION".
In conclusion, answers B and C are the correct options to permit networks 10.1.1.0/24 and 10.1.2.0/24 to host 192.168.5.1 on ports 80 and 443 using object-groups and access lists in Cisco IOS.