ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 723 discussion

Actual exam question from Cisco's 350-401
Question #: 723
Topic #: 1
[All 350-401 Questions]

Refer to the exhibit.



Extended access-list 100 is configured on interface GigabitEthernet 0/0 in an inbound direction, but it does not have the expected behavior of allowing only packets to or from 192.168.0.0/16. Which command set properly configures the access list?

  • A. R1(config)#no access-list 100 deny ip any any
  • B. R1(config)#no access-list 100 seq 10
    R1(config)#access-list 100 seq 40 deny ip any any
  • C. R1(config)#ip access-list extended 100
    R1(config-ext-nacl)#5 permit ip any any
  • D. R1(config)#ip access-list extended 100
    R1(config-ext-nacl)#no 10
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by snarkymark at March 11, 2023, 12:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AbdullahMohammad251
7 months ago
Selected Answer: D
A. Incorrect, deletes the entire access list B. Incorrect, uses the wrong syntax C. Incorrect permits all traffic, but we want to permit only traffic originating from, or headed to 192.168.0.0/16 D.* Correct, uses the correct syntax( the sequence number is specified under the extended-acl settings.)
upvoted 1 times
...
[Removed]
10 months, 3 weeks ago
Selected Answer: D
D is correct
upvoted 1 times
...
[Removed]
11 months, 1 week ago
D is correct
upvoted 1 times
...
raajj354
1 year, 4 months ago
Can someone explain seq 30? Please.
upvoted 1 times
gorillaenhanced
1 year, 2 months ago
"... the expected behavior of allowing only packets TO or FROM 192.168.0.0/16" 20 is TO 30 is FROM
upvoted 3 times
...
...
CCNPWILL
1 year, 7 months ago
D is correct. its short hand but its correct.
upvoted 1 times
...
yqpmateo
1 year, 7 months ago
no access-list 100 seq 10, will delete the entire access-list 100 !!!! you need to enter under the access list configuration and run a no command for the sequence you want to delete.
upvoted 3 times
slacker_at_work
1 year, 2 months ago
How will you ever learn when you don't make mistakes ?
upvoted 1 times
...
...
djedeen
1 year, 9 months ago
Selected Answer: D
Note: At the end of each access list there is an explicit deny all statement, so the second ACL statement wasn’t really necessary. After applying an access list, every traffic not explicitly permited will be denied.
upvoted 1 times
djedeen
1 year, 9 months ago
Meaning - no deny everything else needed, just the first two permit statements (20 and 30).
upvoted 3 times
...
...
Cryptoking112211
1 year, 10 months ago
The correct answer is B you need to move the deny rule to the bottom of the list as the question says to only allow the subnet to and from.
upvoted 2 times
a197cbf
9 months, 4 weeks ago
It's incorrect, because there is no "seq" option in the "no access-list" command. if you run that, it'll delete the entire ACL. I just tried it: R1(config)#no access-list 100 ? <cr> <cr> No options after the ACL number, but if I run the command in B, it will remove my entire ACL: R1(config)#no access-list 100 seq 10 R1(config)#do sh access-list 100 R1(config)#
upvoted 1 times
...
...
Pilgrim5
1 year, 11 months ago
Selected Answer: D
D makes sense because the 10 statement won't allow ip packets from the 192.168.0.0 subnet or any other subnet pass through
upvoted 2 times
...
snarkymark
2 years, 1 month ago
Selected Answer: D
correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago