单选题在一台Cisco路由器上封禁ICMP协议，只允许215.192.40.16/28和202.204.28.2/24子网的ICMP数据包通过路由器，下列正确的access-list配置是______。

A.Router(config)#access-list 98 permit icmp 215.192.40.160.0.0.15 any Router(config)#access-list 98 permit icmp 202.204.28.0 0.0.0.255 any Router(config)#access-list 98 deny icmp any any Router(config)#access-list 98 permit ip any any Router(config)#
B.Router(config)#access-list 198 permit icmp 215.192.40.16 0.0.0.15 any Router(config)#access-list 198 permit icmp 202.204.28.0 0.0.0.255 any Router(config)#access-list 198 permit ip any any Router(config)#access-list 198 deny icmp any any Router(config)#
C.Router(config)#access-list 198 permit icmp 215.192.40.16 0.0.0.15 any Router(config)#access-list 198 permit icmp 202.204.28.0 0.0.0.255 any Router(config)#access-list 198 deny icmp any any Router(config)#access-list 198 permit ip any any Router(config)#
D.Router(config)#access-list 100 permit icmp 215.192.40.16 255.255.255.240 any Router(config)#access-list 100 permit icmp 202.204.28.0 255.255-255.0 any Router(config)#access-list 100 deny icmp any any Router(config)#access-list 100 permit ip any any Router(config)#

【正确答案】 C

【答案解析】[解析] 对每个选项逐个分析，选项A错误在于没有采用扩展访问控制列表，选项B的错误在于规则顺序错误，这会导致无法禁止其他ICMP协议的传输，选项D错误在于没有采用反掩码。