Refer to the exhibit. An engineer is trying to block the route to 192.168.2.2 from the routing table by using the configuration that is shown. The route is still present in the routing table as an OSPF route. Which action blocks the route?
A.
Use an extended access list instead of a standard access list.
B.
Change sequence 10 in the route-map command from permit to deny.
C.
Use a prefix list instead of an access list in the route map.
D.
Add this statement to the route map: route-map RM-OSPF-DL deny 20.
B is correct.
Dont know how to explain it well but here it goes.
With the ACL you permit the network or host you want.
with Route-map it will process the match clause and do what you configured the route-map either permit or deny the route.
in the question the route map is permitting the network 192.168.2.2 as its permited to by the permit statement in the ACL.
if we change the route-map to deny. It will deny network 192.168.2.2 becuase again its permitted by the ACL to process it and do what the route-map is configured to do which will deny it from showing in the routing table.
ACLs are configured with permit to have the networks or hosts to be processed by the route-map.
config
ip access-list standard 1
permit host 192.168.2.2
(implicit deny any is added at the end of the ACL by default)
route-map RM-OSPF-DL deny 10
match ip address 1
this will process 192.168.2.2 due to the (ACL permit) statement and deny it (through the route-map deny) statement while all other traffic is allowed by the (ACL) implicit deny statement
hope that makes sense
Tested in lab.
Answer A: permit in ACL and permit in route-map - 192.168.2.2 remain in the routing table.
Answer B: deny in ACL and permit in route-map will remove 192.168.2.2 from the routing table.
Answer C: permit in prefix-list and permit in route-map - 192.168.2.2 remain in the routing table.
Answer D: the sequence 10 already let the 192.168.2.2 remain in the routing table.
We use a prefix list as it's name implies to match a list of subnets. In this case we only want to deny just one subnet. Now also in the question it does not specify if all other networks need to be denied. I go for B
This section is not available anymore. Please use the main Exam Page.300-410 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TigerDrev
Highly Voted 4 years, 10 months agonetworkWiz
Highly Voted 7 months, 1 week agodeech
Most Recent 1 month, 3 weeks agojansan55
7 months, 2 weeks ago[Removed]
9 months, 2 weeks agoAlnaris
9 months, 3 weeks agoKZM
11 months, 3 weeks ago144092b
1 year, 1 month agoMasoudGhorbani
1 year, 2 months agoLl123123
1 year, 6 months agoLanreDipeolu
1 year, 7 months agovallzo
10 months, 1 week agojojoseb
1 year, 9 months agoguy276465281819372
1 year, 11 months agoMalasxd
1 year, 11 months agoDacusai
1 year, 12 months agoanonymous1966
2 years agodavdtech
2 years ago