Agree with Amgue that connectivity should already work as pc-2 hits the sequence 30 ACE and as it does not match sequence 10 or 20
There may be a typo in the graphic and sequence 20 should actually read :
deny tcp any host 2018:DB1:A:C::1 eq telnet sequence 20
That would make answer D correct.
However if there's no typo I go for answer B - it tidies things up the most - not completely as sequence 30 remains - but it looks the best fit.
Just to update my comment. If you look at the comment below from JOKERR. There is almost certainly a typo in the question above.
That would make the corect answer = D
Most fitting answer is D. As mentioned by studybuddy22 B fully allows telnet access to Terminal Server. D instead only allows telnet access to Terminal Server from PC-2 and blocks all other telnet access as originally intended.
Sequence 15 in Answer D "sequence 15 permit tcp host 2018:DB1:A:B::2 host 2018:DB1:A:C::1 eq telnet" is similar to Seq 30 and so the router will just take the accept the ACE but not change the configs on the Default_Access ACL. So D doesnt change anything and thus incorrect
Sequence 5 in Answer B "sequence 5 permit tcp host 2018:DB1:A:B::2 host 2018:DB1:A:C::1 eq telnet" is the same again as Sequence 30 and has the same effect i.e., it doesn't change anything regarding the configs of Default_Access ACL. However the "no sequence 20 " part in Answer B makes the difference. This is what removes the restriction and thus allow Sequence 30 to allow access. Correct answer is B
the given answer is correct since the acl sequence 10 is permitting the pc-1, then we need to add in a nother permit for pc2 with sequence 15 or 12 or 12 ...
going for D, B violates security. The purpose of this ACL seems to be protection of telnet only as it allows all at seq 40 from those ranges. So only D, they should remove seq 30 though for cleanup.
Although the sequence 30 is a good rule to permit PC-2 to Telnet to the server, it is being blocked by the earlier sequence 20 rule which denies ALL telnet traffic to the server.
B also works but is not the best answer. Because removing 20 opens up the ACL to any one to telnet to destination. Adding sequence before it completes our objective while still blocking unwanted devices from accessing via telnet.
Now I am confused, because in exam, I remember that sequence 20 is:
deny tcp any host 2018:db1:A:C::1 eq telnet sequence 20
Which is blocking any telnet connection to terminal server. But here if the seq 20 is not terminal server, either A or D should be correct.
Hi did you pass the exam, where did you study from ?
upvoted 1 times
...
...
...
This section is not available anymore. Please use the main Exam Page.300-410 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Surfside92
Highly Voted 3 years, 8 months agoSurfside92
3 years, 6 months agoHorsefeathers
Most Recent 1 year, 6 months agoasans
1 year, 7 months agoChiaretta
2 years agointeldarvid
2 years agoDacusai
2 years, 3 months agoNhan
3 years, 1 month agostudybuddy10
3 years, 8 months agoamgue
3 years, 9 months agorob899
1 year, 11 months agoC_Tw21
3 years, 9 months agoAliMo123
3 years, 9 months agoJOKERR
3 years, 7 months agoJOKERR
3 years, 7 months agoJOKERR
3 years, 7 months agoYaPet
3 years, 5 months agotefacert
3 years, 2 months ago