CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-410

Free 300-410 Exam Braindumps (page: 40)

Page 40 of 156
PDF with 620 Questions

Refer to the exhibit. An engineer is troubleshooting failed access by contractors to the business application server via Telnet or HTTP during the weekend.


Which configuration resolves the issue?


  1. R1
    no access-list 101 permit tcp 10.3.3.0 0.0.0.255 host 10.1.1.3 eq telnet time-range Contractor

  2. R1
    time-range Contractor
    no periodic weekdays 8:00 to 16:30
    periodic daily 8:00 to 16:30

  3. R4
    time-range Contractor
    no periodic weekdays 17:00 to 23:59
    periodic daily 8:00 to 16:30

  4. R4
    no access-list 101 permit tcp 10.3.3.0 0.0.0.255 host 10.1.1.3 eq telnet time-range Contractor

Answer(s): B



What are two characteristics of IPv6 Source Guard? (Choose two.)

  1. requires the user to configure a static binding
  2. used in service provider deployments to protect DDoS attacks
  3. requires that validate prefix be enabled
  4. requires IPv6 snooping on Layer 2 access or trunk ports
  5. recovers missing binding table entries

Answer(s): C,D



DRAG DROP (Drag and Drop is not supported)
Drag and drop the IPv6 first hop security device roles from the left onto the corresponding descriptions on the right.

Select and Place:

  1. See Explanation section for answer.

Answer(s): A

Explanation:


Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x_chapter_011011.pdf



The network administrator configured R1 for Control Plane Policing so that the inbound Telnet traffic is policed to 100 kbps. This policy must not apply to traffic coming in from 10.1.1.1/32 and 172.16.1.1/32. The administrator has configured this:

access-list 101 permit tcp host 10.1.1.1 any eq 23
access-list 101 permit tcp host 172.16.1.1 any eq 23
!
class-mapCoPP-TELNET
match access-group 101
!
policy-map PM-CoPP
classCoPP-TELNET
police 100000 conform transmit exceed drop
!
control-plane
service-policy input PM-CoPP

The network administrator is not getting the desired results.

Which set of configurations resolves this issue?


  1. no access-list 101
    access-list 101 deny tcp host 10.1.1.1 any eq 23
    access-list 101 deny tcp host 172.16.1.1 any eq 23
    access-list 101 permit ip any any

  2. control-plane
    no service-policy input PM-CoPP
    !
    interface Ethernet 0/0
    service-policy input PM-CoPP

  3. no access-list 101
    access-list 101 deny tcp host 10.1.1.1 any eq 23
    access-list 101 deny tcp host 172.16.1.1 any eq 23
    access-list 101 permit ip any any
    !
    Interface E 0/0
    service-policy input PM-CoPP

  4. control-plane
    no service-policy input PM-CoPP
    service-policy input PM-CoPP

Answer(s): A



Page 40 of 156



Post your Comments and Discuss Cisco® 300-410 exam with other Community members:

Ramu commented on February 24, 2024
I really do not like relying on these exam dumps questions, but this exam has left me no choice. So I purchased this exam dumps and now I feel much relieved and confident preparing for my exam.
Anonymous
upvote

Loren commented on August 06, 2021
I really do not like relying on these exam dumps questions, but this exam has left me no choice. So I purchased this exam dumps and now I feel much relieved and confident preparing for my exam.
UNITED STATES
upvote

Asaya commented on August 04, 2021
It is looking good. I just made my download. Study begins tomorrow.
BRAZIL
upvote

Kalib commented on April 12, 2021
With my busy schedule this is the best source of studying to pass my exam.
AUSTRALIA
upvote