ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 803 discussion

Actual exam question from Cisco's 350-401
Question #: 803
Topic #: 1
[All 350-401 Questions]



Refer to the exhibit. An engineer must allow the FTP traffic from users on 172.16.1.0 /24 to 172.16.2.0 /24 and block all other traffic. Which configuration must be applied?

  • A. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255

    R1 (config)#interface giga 0/2 -
    R1 (config-if)#ip access-group 120 in
  • B. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 20
    R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 21

    R1(config)#interface giga 0/2 -
    R1 (config-if)#ip access-group 120 in
  • C. R1 (config)# access-list 120 deny any any
    R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 21

    R1 (config)#interface giga 0/0 -
    R1(config-if)#ip access-group 120 out
  • D. R1(config)# access-list 120 permit tcp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255
    R1(config)# access-list 120 permit udp 172.16.1.0 0.0.0.255 21 172.16.2.0 0.0.0.255

    R1 (config)#interface giga 0/2 -
    R1(config-if)#ip access-group 120 out
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by djedeen at Nov. 28, 2023, 11:34 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Shrikant3d
Highly Voted 1 year ago
Query: in answer B why dont they put eq 21 or eq 20 before port number
upvoted 5 times
AbdullahMohammad251
7 months, 2 weeks ago
They forgot to include the "eq" keyword
upvoted 1 times
...
...
[Removed]
Most Recent 11 months, 3 weeks ago
Selected Answer: B
B is correct
upvoted 1 times
...
slacker_at_work
1 year, 2 months ago
Example given for active FTP: https://www.cisco.com/c/en/us/support/docs/ip/access-lists/26448-ACLsamples.html#toc-hId--437118599
upvoted 1 times
slacker_at_work
1 year, 2 months ago
Answer has to be B
upvoted 2 times
...
...
djedeen
1 year, 5 months ago
Selected Answer: B
Has to be B, ftp 'active mode' uses port 21 for control and 20 for data, both are TCP. ftp in passive mode will use a random port instead of 20 for data, typical is 1024 to 65535.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago