Home Exams
Log In Sign Up
Exams > Cisco > 350-401: Implementing Cisco Enterprise Network Core Technologies (ENCOR)
350-401: Implementing Cisco Enterprise Network Core Technologies (ENCOR)
Page 21 out of 62 pages Questions 201-210 out of 614 questions
Question#201

Refer to the exhibit.

An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times.
Which command set accomplishes this task?

  • A. R3(config)#time-range WEEKEND R3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface G0/1 R3(config-if)#ip access-group 150 out
  • B. R1(config)#time-range WEEKEND R1(config-time-range)#periodic weekend 00:00 to 23:59 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface G0/1 R1(config-if)#ip access-group 150 in
  • C. R3(config)#time-range WEEKEND R3(config-time-range)#periodic weekend 00:00 to 23:59 R3(config)#access-list 150 permit tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R3(config)#access-list 150 permit ip any any time-range WEEKEND R3(config)#interface G0/1 R3(config-if)#ip access-group 150 out
  • D. R1(config)#time-range WEEKEND R1(config-time-range)#periodic Friday Sunday 00:00 to 00:00 R1(config)#access-list 150 deny tcp host 10.3.3.3 host 10.2.2.2 eq 23 time-range WEEKEND R1(config)#access-list 150 permit ip any any R1(config)#interface G0/1 R1(config-if)#ip access-group 150 in
Discover Answer Hide Answer

B

Question#202


Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied on
SW2 port G0/0 in the inbound direction?

  • A. permit tcp host 172.16.0.2 host 192.168.0.5 eq 8080
  • B. permit tcp host 192.168.0.5 host 172.16.0.2 eq 8080
  • C. permit tcp host 192.168.0.5 eq 8080 host 172.16.0.2
  • D. permit tcp host 192.168.0.5 lt 8080 host 172.16.0.2
Discover Answer Hide Answer

C

Question#203

What is the result of applying this access control list?
ip access-list extended STATEFUL
10 permit tcp any any established
20 deny ip any any

  • A. TCP traffic with the URG bit set is allowed.
  • B. TCP traffic with the SYN bit set is allowed.
  • C. TCP traffic with the ACK bit set is allowed.
  • D. TCP traffic with the DF bit set is allowed.
Discover Answer Hide Answer

C

Question#204

Which outbound access list, applied to the WAN interface of a router, permits all traffic except for http traffic sourced from the workstation with IP address
10.10.10.1?

  • A. ip access-list extended 200 deny tcp host 10.10.10.1 eq 80 any permit ip any any
  • B. ip access-list extended 10 deny tcp host 10.10.10.1 any eq 80 permit ip any any
  • C. ip access-list extended NO_HTTP deny tcp host 10.10.10.1 any eq 80
  • D. ip access-list extended 100 deny tcp host 10.10.10.1 any eq 80 permit ip any any
Discover Answer Hide Answer

D

Question#205


Refer to the exhibit. An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP logs in.
Which configuration change is required?

  • A. Add the access-class keyword to the username command.
  • B. Add the autocommand keyword to the aaa authentication command.
  • C. Add the access-class keyword to the aaa authentication command.
  • D. Add the autocommand keyword to the username command.
Discover Answer Hide Answer

D

Question#206


Refer to the exhibit. An engineer configures CoPP and enters the show command to verify the implementation. What is the result of the configuration?

  • A. All traffic will be policed based on access-list 120.
  • B. If traffic exceeds the specified rate, it will be transmitted and remarked.
  • C. Class-default traffic will be dropped.
  • D. ICMP will be denied based on this configuration.
Discover Answer Hide Answer

A

Question#207

DRAG DROP -
Drag and drop the threat defense solutions from the left onto their descriptions on the right.
Select and Place:

Discover Answer Hide Answer


Question#208

Refer to the exhibit.

What is the effect of this configuration?

  • A. The device will allow users at 192.168.0.202 to connect to vty lines 0 through 4 using the password ciscotestkey.
  • B. The device will authenticate all users connecting to vty lines 0 through 4 against TACACS+.
  • C. The device will allow only users at 192.168.0.202 to connect to vty lines 0 through 4.
  • D. When users attempt to connect to vty lines 0 through 4, the device will authenticate them against TACACS+ if local authentication fails.
Discover Answer Hide Answer

B

Question#209

Which deployment option of Cisco NGFW provides scalability?

  • A. inline tap
  • B. high availability
  • C. clustering
  • D. tap
Discover Answer Hide Answer

C

Question#210

DRAG DROP -
Drag and drop the REST API authentication methods from the left onto their descriptions on the right.
Select and Place:

Discover Answer Hide Answer


chevron rightPrevious Nextchevron right
Email: support@exam-data.com
Copyright © 2024 Exam Data. All rights reserved.
Home Exams
chevron
Public Agreement Privacy Policy Sales and Refunds