ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-301 All Questions

View all questions & answers for the 200-301 exam
Go to Exam

Exam 200-301 topic 1 question 696 discussion

Actual exam question from Cisco's 200-301
Question #: 696
Topic #: 1
[All 200-301 Questions]

An engineer is configuring remote access to a router from IP subnet 10.139.58.0/28. The domain name, crypto keys, and SSH have been configured. Which configuration enables the traffic on the destination router?

  • A. line vty 0 15 access-class 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22
  • B. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 10 in ! ip access-list standard 10 permit udp 10.139.58.0 0.0.0.7 host 10.122.49.1 eq 22
  • C. interface FastEthernet0/0 ip address 10.122.49.1 255.255.255.252 ip access-group 110 in ! ip access-list standard 110 permit tcp 10.139.58.0 0.0.0.15 eq 22 host 10.122.49.1
  • D. line vty 0 15 access-group 120 in ! ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by icecool2019 at Oct. 15, 2022, 3:09 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ricky1802
Highly Voted 1 year, 8 months ago
Selected Answer: A
A is the correct answer. Line vty can go only with access-class, not with access-group!
upvoted 17 times
...
[Removed]
Most Recent 8 months ago
Selected Answer: A
A is correct
upvoted 2 times
...
Nmk3216
1 year ago
Selected Answer: A
it's clear. under the line vty command line which will be applied an ACL must be as ip access-class, not ip access-group. Therefore A. is the correct answer.
upvoted 2 times
...
anchilinq
1 year, 2 months ago
can anyone compare A and C?
upvoted 1 times
anchilinq
1 year, 2 months ago
sorry i made a typo, I meant A and B
upvoted 1 times
berpiy1028
1 year, 2 months ago
An engineer is configuring "remote" access I think must configuring line vty
upvoted 1 times
...
...
...
[Removed]
1 year, 4 months ago
Selected Answer: A
A. line vty 0 15 access-class 120 in ip access-list extended 120 permit tcp 10.139.58.0 0.0.0.15 any eq 22
upvoted 2 times
...
Dutch012
1 year, 9 months ago
It should be access-group 120 like answer D not like A
upvoted 2 times
...
icecool2019
2 years, 1 month ago
The answer should be C
upvoted 2 times
chongtb
1 year ago
access-list matching statement use wildcard mask not subnet mask. "ip access-class" use in line vty, and "ip access-group" use in interface like gigaethernet, fastethernet
upvoted 1 times
...
RougePotatoe
2 years ago
Standard access range is 1-99 so it can't be C.
upvoted 5 times
...
EliasM
2 years, 1 month ago
I disagree. In C you are allowing source port 22. Clients will never use port 22 as source port when connecting to a ssh device. They will use a randomly generate port, usually between the 49k-65k port range. The only options that correctly configured the ACL are A and D, but only A uses the correct command for VTY lines which is access-class. So correct answer is A.
upvoted 7 times
Request7108
1 year, 10 months ago
No, this is for SSH access so it will be port 22
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel