Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
encor wrong answers
#21
(04-28-2021, 06:51 PM)tminerd Wrote: I have an issue with two questions that appear to be identical but with different answers:

EC378 - A client with IP address 209.165.201.25 must access a web server on port 80 at 209.165.200.225. To allow this traffic, an engineer must add a statement to an access control list that is applied in the inbound direction on the port connecting to the web server. Which statement allows this traffic?

My answer: permit tcp host 209.165.201.25 host 209.165.200.225 eq 80
Correct answer: permit tcp host 209.165.200.225 eq 80 host 209.165.201.25.

I can accept that as the correct answer except we are trying to permit the client to access the web server here, not the other way around. The source should be 209.165.201.25.

EC072 - A client with IP address 209.165.201.25 must access a web server on port 80 at 209.165.200.225. To allow this traffic, an engineer must add a statement to an access control list that is applied in the inbound direction on the port connecting to the web server. Which statement allows this traffic?

This question is identical to EC378, but I actually got this answer correct where I didn't previously. I will try this in a test environment and let you know the result, but I'm suspecting that the answer should be the same for both of these, or we need to simply remove the duplicate question.

Ok, so the answer to EC378 is correct. I tested this with a configuration but using port 22 instead of 80 to test. If the ACL is applied inbound on the interface connected to the web server, you must specify the server first in the ACE. Technically, you would want to apply your ACL closest to the source, but in this case, the source becomes the web server with the extended ACL applied closest to the source. We should throw out EC072 as it is a duplicate question with an incorrect answer.
Reply
#22
Thank you. EC072 has been removed.
Reply
#23
Ec135
https://www.google.com/amp/s/ccna-200-30...iques/amp/
• Shape and police traffic flows as close to their sources as possible.
Reply
#24
(05-01-2021, 12:28 PM)forumsupport Wrote: QID-EC477


QID-EC477

The Drag and drop answers are:

interface gigabitethernet1/1
GET
ACCEPT

When you select these answers the engine marks it as incorrect.
Reply
#25
QID-EC351

selects the correct answer send msg routing error ospf
Engine marks it as incorrect
Reply
#26
EC135, EC477, EC351 have been fixed. Thank you for your input and patience.
Reply
#27
There is no IGMP join to RP, only PIM join
Probably "send join messages toward a multicast source SPT" is a better answer.

https://www.cisco.com/c/en/us/support/do....html#anc7

Step 4. (S,G) Packet Reaching towards the FHR
  • Only presence of REGISTER MESSAGE at RP (S,G) PIM JOIN travel to the FHR. To create the Forwarding state.
  • After the PIM JOIN it complete the process to create a Hardware Forwarding State for Multicast traffic flow.
  • If there are (*,G) listeners, the RP starts constructing SPT toward the multicast source IP address. This is where the RPF check is performed to find out the upstream interface to send the PIM Join to.
Reply
#28
EC377:

https://www.dclessons.com/sd-access-wire...chitecture

WLC is connected to outside fabric or can also be connected directly to Border switch
Reply
#29
EC447

https://www.cisco.com/c/en/us/td/docs/io...566608F35E

Benefits of Using MSDP to Interconnect Multiple PIM-SM Domains
  • Allows a rendezvous point (RP) to dynamically discover active sources outside of its domain.

  • Introduces a more manageable approach for building multicast distribution trees between multiple domains.
Reply
#30
EC199, EC377 and EC447 have been fixed. Thank you for your input and patience.
Reply


Forum Jump:


Users browsing this thread: 5 Guest(s)