ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-410 All Questions

View all questions & answers for the 300-410 exam
Go to Exam

Exam 300-410 topic 1 question 409 discussion

Actual exam question from Cisco's 300-410
Question #: 409
Topic #: 1
[All 300-410 Questions]



Refer to the exhibit. Which action limits access to R2 from 192.168.12.1?

  • A. Modify sequence 20 to permit tcp host 192.168.12.1 eq 22 any to access-list 100.
  • B. Swap sequence 10 with sequence 20 in access-list 100.
  • C. Swap sequence 20 with sequence 10 in access-list 100.
  • D. Modify sequence 10 to deny tcp any eq 22 any to access-list 100.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by xzckk at Dec. 18, 2022, 1:35 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
xzckk
Highly Voted 2 years, 5 months ago
What is the difference between B and C??
upvoted 21 times
Mad_Scorpion
2 years, 4 months ago
I guess there maybe a typo in the original question. Option C should be "swap seq 20 with seq 10 in access-list 199".
upvoted 6 times
...
Pietjeplukgeluk
1 year, 3 months ago
In the answer B and C are identical. It might indeed be a type, but currently the are the same.
upvoted 1 times
...
...
1chung
Most Recent 1 month ago
Selected Answer: C
Correct answer is C
upvoted 1 times
...
[Removed]
10 months, 1 week ago
Selected Answer: B
B is corerct
upvoted 1 times
...
ZamanR
1 year, 5 months ago
I think C is the answer
upvoted 1 times
...
HungarianDish_111
2 years ago
Selected Answer: B
IMHO, B or C seem to be both OK. They would like to police SSH traffic only from source 192.168.12.1. So, they need to match the traffic with an access-list: 10 permit tcp host 192.168.12.1 any eq 22 -> Police (rate-limit) this traffic 20 deny tcp any any eq 22 -> Allow this traffic unconstrained Then they use it in the class-map SSH: class-map SSH match access-group 100 policy-map CoPP class SSH This CoPP constrains traffic from 192.168.12.1 (matched by "permit"), but allows hosts with any other source address without constraint (excluded by "deny"). They have to "deny" SSH traffic from any other source addresses in the ACL so that they are excluded from "class-map SSH". They will be matched and allowed unconstrained by the “class-default” which is implemented implicitly at the end of the policy-map.
upvoted 3 times
HungarianDish_111
2 years ago
Good example + explanation: https://www.networktut.com/control-plane-policing-copp-tutorial
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel