300-410 Exam - Question 124

Question

Refer to the exhibit. Which configuration denies Telnet traffic to router 2 from 198A:0:200C::1/64?A. B. C. D.

Examice · Accepted Answer

The correct configuration to deny Telnet traffic to router 2 from 198A:0:200C::1/64 would be Option A. The configuration in Option A correctly defines an IPv6 access list 'Deny_Telnet', specifying to deny TCP traffic from the host 198A:0:200C::1/64 to the host 201A:0:205C::1/64 on the Telnet port (eq telnet). This access list is then applied to the Gi0/0 interface using the 'ipv6 traffic-filter' command. Although additional permit statements might be necessary to continue allowing other traffic, the primary requirement of denying Telnet traffic is met.

studybuddy10 · Answer

A is most correct, these ACLs still need a permit statement or they block all traffic.  So D also works, B and C are bad syntax as they should be traffic-filter and not access-map.

Dacusai · Answer

A is the correct answer, but still the Access list is missing another entry to permit the rest of the traffic. In this case all traffic will be denied due to the implicit deny at the end of the Access List.

inteldarvid · Answer

Option A

here this example from cisco.com
https://www.cisco.com/c/en/us/support/docs/ip/ip-version-6/113126-ipv6-acl-00.html

YaPet · Answer

A is correct, because we need to deny only telnet traffic from R1, no any another traffic is mentioned in the question

Malasxd · Answer

A seems more correct

[Removed] · Answer

A is the best answer, but incomplete.
B and C are using the wrong syntax to apply the ipv6 acl in the interface, along with C missing the telnet port in the destination portion
D is allowing all type of traffic  from the indicated network.

examShark · Answer

The given answer is correct

Carl1999 · Answer

198A:0:200C::1/64?
199A:0:200C::1/64?

SeMo0o0o0 · Answer

A is correct

traffic-filter
eq telnet

300-410 Exam - Question 124

Discussion