Refer to the exhibit. This ACL is configured to allow client access only to HTTP, HTTPS, and DNS services via UDP. The new administrator wants to add TCP access to the ONS service. Which configuration updates the ACL efficiently?
A.
no ip access-list extended Services ip access-list extended Services 30 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
B.
ip access-list extended Services 35 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
C.
ip access-list extended Services permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain
D.
no ip access-list extended Services ip access-list extended Services permit udp 10.0.0.0 0.255.255.255 any eq 53 permit tcp 10.0.0.0 0.255.255.255 host 198.51.100.11 eq domain deny ip any any log
Just curious, It said "by gewe" which mean you are the contributor of this questions right? So who gave the answer above? you or admin?
I find it strange since I saw few questions listed that you are the contributor only to find that you give different answer in the comment...
I mean, I don't blame you if you change your answer after further research.
The question asks us to allow access only to HTTP, HTTPS, and DNS via both TCP and UDP:
A is incorrect, it will only permit client access to DNS services via TCP (but we need DNS via UDP, HTTP, and HTTPS services)
B is correct (the permit statement must be placed before the "deny ip any any" statement to allow DNS services via TCP
C is incorrect (without specifying the sequence number, the entry will be placed last in the access list with a sequence number of 50. This makes it inactive and unreachable because a "deny ip any any" entry in the ACL comes before it in order and will be executed first.)
D allows access only to DNS services (without allowing access to HTTP, HTTPS )
Option A will delete the ACL completely and create a new one with only one entry, which is not efficient.
Option C is missing the line number and will insert the new entry at the beginning of the list, which may affect the order of other rules.
Option D allows access to both UDP and TCP DNS services and adds an unnecessary entry at the end that denies all other IP traffic. This option is not efficient and may cause issues.
Option B adds a new entry to the existing ACL with the appropriate line number and rule syntax, allowing TCP access to the ONS service while keeping the existing rules for HTTP, HTTPS, and DNS services. This option is the most efficient and effective way to update the ACL.
This section is not available anymore. Please use the main Exam Page.200-301 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
gewe
Highly Voted 2 years, 2 months agooatmealturkey
2 years, 2 months agoBrocolee
1 year, 10 months ago[Removed]
1 year, 5 months agoStichy007
Highly Voted 2 years, 2 months agoJoshua25
Most Recent 6 months agoRich_rude
1 year ago[Removed]
1 year, 1 month agoAbdullahMohammad251
1 year, 4 months ago[Removed]
1 year, 10 months agoShri_Fcb10
1 year, 9 months agoSimon_1103
2 years agorx78_2
2 years, 1 month agolucantonelli93
2 years, 2 months agoRynurr
2 years, 2 months ago