Refer to the exhibit. Routers R1 and R2 exchange routes to each other's loopback through OSPF. Telnet traffic must be blocked from R2 Lo0 to R1 Lo2. Which configuration resolves the issue?
Exam 300-410 All QuestionsBrowse all questions from this exam
Question 611
Correct Answer: C
To block Telnet traffic from R2's Loopback0 to R1's Loopback2, you need to apply an IPv6 ACL that denies Telnet from the specific source to the specific destination and then apply it correctly at the interface level. The correct configuration uses the 'ipv6 traffic-filter' command to apply the ACL to the Loopback2 interface in the inbound direction. Option C correctly configures this by applying 'ipv6 traffic-filter DENY_TELNET_Lo2 in' to interface Loopback2 on R1, ensuring the ACL is applied at the correct interface and direction.
Discussion
vitalizatorOption: B
Traffic is destined to the router so it must be ipv6 access-class, not traffic-filter
urushi
You can't apply an access-class at the interface level, it only works on vty lines. I tested this with an access-group/traffic-filter and it still had the desired effect of blocking the management plane.
dapardoOption: C
the difference between B and C is that B is referencing the accesslist as an accees class and c as a traffic filter
PietjeplukgelukOption: C
A == Wrongly states "ipv6 access-class..." under lo2 "should be: "ipv6 access-filter..." B == Wrongly states "ipv6 access-class..." under gi0/0/0 "should be: "ipv6 access-filter..." C == Best Answer, still wrong: Seems blocking traffic correctly under gi0/0/0 using "ipv6 access-filter...", however, the lo2 IP does not match destination IP in ACL D == Wrong Does not state "ipv6 access-class..." or "ipv6 access-filter..." anywhere