ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 271 discussion

Actual exam question from Cisco's 350-401
Question #: 271
Topic #: 1
[All 350-401 Questions]

Refer to the exhibit.

An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times.
Which command set accomplishes this task?

  • A. R3(config)#time-range WEEKEND R3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface G0/1 R3(config-if)#ip access-group 150 out
  • B. R1(config)#time-range WEEKEND R1(config-time-range)#periodic weekend 00:00 to 23:59 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface G0/1 R1(config-if)#ip access-group 150 in
  • C. R3(config)#time-range WEEKEND R3(config-time-range)#periodic weekend 00:00 to 23:59 R3(config)#access-list 150 permit tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface G0/1 R3(config-if)#ip access-group 150 out
  • D. R1(config)#time-range WEEKEND R1(config-time-range)#periodic Friday Sunday 00:00 to 00:00 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface G0/1 R1(config-if)#ip access-group 150 in
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by netpeer at April 4, 2021, 1:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
netpeer
Highly Voted 3 years, 10 months ago
B Access lists that are applied to interfaces do not filter traffic that originates from that router!
upvoted 22 times
Clauster
1 year, 11 months ago
Men i keep forgetting that i need to work on that, thanks
upvoted 4 times
...
...
timtgh
Highly Voted 2 years, 9 months ago
A - wrong because outbound list won't block telnet from same router, AND it has the time-range on the permit statement. B- correct! C- wrong because it has no deny statement D- wrong because it includes Friday
upvoted 8 times
...
matass_md
Most Recent 5 days, 7 hours ago
Selected Answer: A
R3(config)#time-range WEEKEND R3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any R3(config)#interface G0/1 R3(config-if)#ip access-group 150 out # we filter trafic as close to the source as possible with extended ACLs
upvoted 1 times
...
9d3b6c3
8 months, 1 week ago
Shouldn't the ACL be applied outbound on R1 Gi0/1 interface?
upvoted 1 times
...
[Removed]
9 months, 1 week ago
Selected Answer: B
B is correct even if the solution is not the best practice, cause the access-list is recommended to be applied on the R3 interface outbound.
upvoted 1 times
...
[Removed]
1 year, 7 months ago
Selected Answer: B
B. A and C are easily discarded with the fact that ACLs are not processed by the router that originates the traffic. D is using a wrong time range, I think that if you're going to define the day individually the syntax should be something like this: time-range TEST periodic Saturday 00:00 to Sunday 23:59 but the keyword "weekend" covers this day range.
upvoted 1 times
[Removed]
1 year, 7 months ago
Sorry, I misread, D is using the wrong days entirely. Friday isn't part of weekend period.
upvoted 1 times
...
...
Dataset
2 years, 1 month ago
Selected Answer: B
ACL cannot block traffic originates from the router were is applicatted Regards
upvoted 2 times
...
nushadu
2 years, 2 months ago
Selected Answer: B
cisco_R3(config)#time-range q_277 cisco_R3(config-time-range)#periodic ? Friday Friday Monday Monday Saturday Saturday Sunday Sunday Thursday Thursday Tuesday Tuesday Wednesday Wednesday daily Every day of the week weekdays Monday thru Friday weekend Saturday and Sunday cisco_R3(config-time-range)#periodic weekend ? hh:mm Starting time cisco_R3(config-time-range)#periodic weekend 00:00 ? to ending day and time cisco_R3(config-time-range)#periodic weekend 00:00 to ? hh:mm Ending time - stays valid until beginning of next minute cisco_R3(config-time-range)#periodic weekend 00:00 to 23:59
upvoted 5 times
nushadu
2 years, 2 months ago
cisco_R3(config-ext-nacl)#do s access-l | b 266 Extended IP access list q_266 10 deny tcp any any eq www time-range q_277 (inactive) 20 permit tcp any any range 22 443 cisco_R3(config-ext-nacl)#do s runn | s access-l ... ip access-list extended q_266 deny tcp any any eq www time-range q_277 permit tcp any any range 22 443 cisco_R3#show time-range time-range entry: q_277 (inactive) periodic weekend 0:00 to 23:59 used in: IP ACL entry cisco_R3#
upvoted 1 times
...
...
Jheax
2 years, 11 months ago
Selected Answer: B
Both A and B will block the telnet traffic during the weekend. But only B will allow the rest of the traffic during the the rest of the days. Answer is B.
upvoted 1 times
...
Violator
2 years, 11 months ago
This question is still asked. Passed today.
upvoted 1 times
...
xziomal9
3 years, 4 months ago
C. RouterR3(config)#time-range WEEKEND RouterR3(config-time-range)#periodic weekend 00:00 to 23:59 RouterR3(config)#access-list 150 permit tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND RouterR3(config)#access-list 150 permit ip any any time-range WEEKEND RouterR3(config)#interface G0/1 RouterR3(config-if)#ip access-group 150 out D. RouterR1(config)#time-range WEEKEND RouterR1(config-time-range)#periodic Friday Sunday 00:00 to 00:00 RouterR1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND RouterR1(config)#access-list 150 permit ip any any RouterR1(config)#interface G0/1 RouterR1(config-if)#ip access-group 150 in
upvoted 5 times
...
xziomal9
3 years, 4 months ago
A. RouterR3(config)#time-range WEEKEND RouterR3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 RouterR3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND RouterR3(config)#access-list 150 permit ip any any time-range WEEKEND RouterR3(config)#interface G0/1 RouterR3(config-if)#ip access-group 150 out B. RouterR1(config)#time-range WEEKEND RouterR1(config-time-range)#periodic weekend 00:00 to 23:59 RouterR1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND RouterR1(config)#access-list 150 permit ip any any RouterR1(config)#interface G0/1 RouterR1(config-if)#ip access-group 150 in
upvoted 5 times
...
AlexLAN
3 years, 5 months ago
A is the right answer. there is no "periodic weekend" command.
upvoted 1 times
AlexLAN
3 years, 5 months ago
Actually, there is a periodic weekend... but... Ill check it again.
upvoted 2 times
AlexLAN
3 years, 5 months ago
Yes, B is right, the outbound access list can't block traffic from the control plane (CLI).
upvoted 3 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago