ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-410 All Questions

View all questions & answers for the 300-410 exam
Go to Exam

Exam 300-410 topic 1 question 212 discussion

Actual exam question from Cisco's 300-410
Question #: 212
Topic #: 1
[All 300-410 Questions]


Refer to the exhibit. A junior engineer configured SNMP to network devices. Malicious users have uploaded different configurations to the network devices using
SNMP and TFTP servers.
Which configuration prevents changes from unauthorized NMS and TFTP servers?

  • A. access-list 20 permit 10.221.10.11 access-list 20 deny any log ! snmp-server group NETVIEW v3 priv read NETVIEW access 20 snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 20 snmp-server community Cisc0Us3r RO 20 snmp-server community Cisc0wrus3r RW 20 snmp-server tftp-server-list 20
  • B. access-list 20 permit 10.221.10.11 access-list 20 deny any log ! snmp-server group NETVIEW v3 priv read NETVIEW access 20 snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 20 snmp-server community Cisc0wrus3r RO 20 snmp-server community Cisc0Us3r RW 20 snmp-server tftp-server-list 20
  • C. access-list 20 permit 10.221.10.11 access-list 20 deny any log
  • D. access-list 20 permit 10.221.10.11
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by JOKERR at May 25, 2022, 6:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mrnipsnips
Highly Voted 2 years, 8 months ago
Man cisco are petty AF
upvoted 15 times
Slinky
2 years, 5 months ago
Absolutely died laughing at this but it's true
upvoted 2 times
ledesir
1 year, 8 months ago
hahhahhhha same thing for me
upvoted 1 times
buddhagaut
1 year, 5 months ago
lmaooo
upvoted 1 times
...
...
...
...
MasterMatt
Highly Voted 2 years, 3 months ago
Selected Answer: A
access-list 20 permit 10.221.10.11 --> Permitting only from NMS. access-list 20 deny any log --> Similar to implicit deny by logging is enabled. snmp-server group NETVIEW v3 priv read NETVIEW access 20 --> We filter based on the access-list snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 20 --> We filter based on the access-list snmp-server community Cisc0Us3r RO 20 --> Same level of permission but we filter based on the access-list snmp-server community Cisc0wrus3r RW 20 --> Same level of permission but we filter based on the access-list snmp-server tftp-server-list 20 --> Limit TFTP servers used via SNMP only over access-list 20
upvoted 8 times
...
RickAO76
Most Recent 1 year, 3 months ago
Selected Answer: A
Cisco, I hate when you do this. you could of at least made the community strings stand more apart from one another instead of being almost identincal Cisc0Us3r Cisc0wrus3r
upvoted 1 times
...
ZamanR
1 year, 7 months ago
A is correct answer
upvoted 1 times
...
Jey117
1 year, 9 months ago
Are you kidding? You can fail this question just because they inverted communities? Cisco WTHell. Stop trying to take people's money. LOL
upvoted 2 times
...
Colmenarez
1 year, 11 months ago
Spot the difference type of question hahahaha
upvoted 4 times
...
JOKERR
3 years, 2 months ago
Isn't t the answer B? Because B has the RW community string...
upvoted 2 times
Bolt_Action_Studios
3 years, 2 months ago
Community strings are reversed with B
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel