ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 412 discussion

Actual exam question from Cisco's 350-401
Question #: 412
Topic #: 1
[All 350-401 Questions]


Refer to the exhibit. Which commands are required to allow SSH connections to the router?
A.

B.

C.

D.

Show Suggested Answer Hide Answer
Suggested Answer: A
by Caledonia at Sept. 8, 2022, 1:19 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Deu_Inder
Highly Voted 2 years, 8 months ago
Question is badly worded. They should say that SSH needs to be policed. Answer B is right.
upvoted 15 times
...
FerroForce
Highly Voted 2 years ago
B is correct. Extended ACL could not be 10.
upvoted 10 times
...
Paladin17
Most Recent 3 months, 1 week ago
Admin, why is the answer marked A?
upvoted 1 times
...
andrpercud
6 months, 2 weeks ago
B is correct, Explanation: ACL 100 and 101: Both ACLs permit TCP traffic on port 22, which is necessary for SSH access. While it’s redundant to have two ACLs doing the same thing, they both allow SSH traffic. Class-map: The class-map correctly matches Access-group 101, enabling traffic that matches this ACL to be processed by the subsequent policy-map.
upvoted 2 times
abrielirus123
3 months, 1 week ago
I agree with danman32, matching SSH on ACL 100 doesn't make sense as it would match both telnet and SSH in the telnet class-map. I think the router would even ignore the ssh class-map if it was below the telnet class-map in the policy-map.
upvoted 1 times
...
...
andrpercud
6 months, 2 weeks ago
B is correct, Explanation: ACL 100 and 101: Both ACLs permit TCP traffic on port 22, which is necessary for SSH access. While it’s redundant to have two ACLs doing the same thing, they both allow SSH traffic. Class-map: The class-map correctly matches Access-group 101, enabling traffic that matches this ACL to be processed by the subsequent policy-map.
upvoted 1 times
...
Zendahr
10 months, 2 weeks ago
B is correct. Extended ACL could not be 10.
upvoted 2 times
...
[Removed]
11 months, 3 weeks ago
B is the only one that makes a bit of sense
upvoted 1 times
...
kejvi
1 year, 2 months ago
B seems the best acl should contain "tcp any any eq 22", not "any eq 22 any", that would be src port 22
upvoted 2 times
...
danman32
1 year, 9 months ago
Why is there an entry for access-list 100 in B and C? Access-list 100 will have no effect on the newly created class-map, but could break the existing class-map.
upvoted 4 times
PureInertiaCopy
1 year, 9 months ago
Wondering the exact same thing...
upvoted 1 times
...
...
andyforreg
1 year, 10 months ago
Answer - B
upvoted 2 times
...
nikramor
1 year, 10 months ago
B is correct
upvoted 3 times
...
HarwinderSekhon
1 year, 10 months ago
B is correct.
upvoted 3 times
...
lafrank
2 years ago
A can't be correct, as access-list 10 is standard ACL and as such it is not supporting port definition
upvoted 3 times
...
Ayman_B
2 years, 1 month ago
I could not find any defefirent between A and B , both of them are correct . can any body clarifying the deffirent
upvoted 1 times
Pilgrim5
2 years ago
The difference is in the beginning access list statements. A - access-list 10 is wrong because standard access lists only support source address and mask. They don't support adding destination addresses, masks or source and destination ports. B - access-list 100 is right because this is an extended access list and extended access lists support source and destination addresses and masks and also source and destination ports. Standard access lists - 1-99 Extended access lists - 100-199
upvoted 6 times
...
...
bendarkel
2 years, 3 months ago
B is correct. A is wrong because per the ACL, the traffic is being sourced from port 22.
upvoted 4 times
...
kewokil120
2 years, 3 months ago
B is right
upvoted 2 times
...
H3kerman
2 years, 5 months ago
A can't be right, because ACL 10 is standard, bud defined in config is extended. I would vote B
upvoted 4 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago