200-150 Question #249: Real Exam Question with Answer & Explanation

The correct answer is C: matching packets in QoS policies. Access control lists serve two primary purposes in Cisco environments: classifying traffic for QoS policies and restricting administrative access to devices via VTY lines.

Question

Which two actions can access lists be used for? (Choose two)

Options

Apreempting VIPs on HSRP selectively
Btriggering routing updates
Cmatching packets in QoS policies
Drestricting remote access to a switch
Eauthenticating users

Explanation

Access control lists serve two primary purposes in Cisco environments: classifying traffic for QoS policies and restricting administrative access to devices via VTY lines.

Common mistakes.

A. HSRP preemption is governed by the 'standby priority' and 'standby preempt' commands on a per-group basis; access lists play no role in selecting or preempting HSRP active routers.
B. Routing update filtering uses route-maps or distribute-lists applied to routing protocol processes; access lists do not independently trigger or initiate routing protocol updates.
E. User authentication is handled through AAA frameworks using RADIUS or TACACS+ servers configured via the 'aaa authentication' command, not through access lists.

Concept tested. ACL uses for QoS matching and VTY access control

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-16/sec-data-acl-xe-16-book/sec-access-ctrl-lists.html

Community Discussion

No community discussion yet for this question.

Full 200-150 Practice