There are a series of posts by INE, I believe the author is Brian McGahan (A very smart guy to say the least), that explains how to optimally create an ACL with discontiguous networks.
You can find the series of posts here
I apologies if I’ve given the credit to the wrong INE instructor, you guys are great!
I attempted to summarize the process that is so wonderfully explained in great detail in the above posts. The scenario is below. Just after the scenario is the summary. The answer to the scenario is left out.
Create an ACL to use as an access-class on the VTY ports. Use as few lines as possible. You must use two “deny” statements in your ACL.
The following hosts should be allowed to telnet into your router: