After finishing my Cisco Networking Academy course back in April, I have to say it is absolutely worthless. I'm going to need some independent study (I aced all 4 semesters of it with an A+ average, but I doubt I'll pass the CCNA anyway). Here's my question:

Which access list configuration allows only traffic from network 172.17.0.0 to enter interface serial 0?

A. Access-list 10 permit 172.17.0.0 0.0.255.255, int s0, ip access-group 10 out
B. Access-list 10 permit 172.17.0.0 0.0.255.255, int s0, ip access-group 10 in
C. Access-group 10 permit 172.17.0.0 0.0.255.255, int s0, ip access-list 10 out
D. Access-list 10 permit 172.17.0.0 0.0.255.255, int s0, ip access-list 10 in

I know choices C and D are wrong, but what about A or B? Since traffic any from 172.17.x.x IP is allowed in to the serial 0 interface, and there's an implicit deny all 0.0.0.0 255.255.255.255 for any other IPs to enter serial 0 am I correct to say choice B is the answer?

Thanks