Cisco
300-415 · Question #317
300-415 Question #317: Real Exam Question with Answer & Explanation
The correct answer for this question was not provided, therefore a specific analysis of the designated correct choice cannot be performed as per the strict instructions.
Policies
Question
An engineer creates a data policy to prevent communication from the 172.20.21.0/24 network to the 172.20.41.0/24 network. Which configuration accomplishes this task?
Options
- Apolicy lists vpn-list VPN1 vpn 1 ! data-prefix-list LosAngeles-Net1 ip-prefix 172.20.21.0/24 data-prefix-list Rome-Net1 ip-prefix 172.20.41.0/24 ! data-policy FILTER-POLICY vpn-list VPN1 sequence 1 match source-data-prefix-list LosAngeles-Net1 destination-data-prefix-list Rome-Net1 action accept ! default-action drop
- Bpolicy lists vpn-list VPN1 vpn 1 ! data-prefix-list LosAngeles-Net1 ip-prefix 172.20.21.0/24 data-prefix-list Rome-Net1 ip-prefix 172.20.41.0/24 ! data-policy FILTER-POLICY vpn-list VPN1 sequence 1 match source-data-prefix-list LosAngeles-Net1 action drop ! sequence 11 match source-data-prefix-list Rome-Net1 action drop ! default-action accept
- C
- D
Explanation
The correct answer for this question was not provided, therefore a specific analysis of the designated correct choice cannot be performed as per the strict instructions.
Common mistakes.
- A. This option configures the data policy to explicitly 'action accept' traffic from 172.20.21.0/24 to 172.20.41.0/24, which is the opposite of the stated goal to prevent this communication.
- B. This option configures the data policy to 'action drop' all traffic originating from 172.20.21.0/24, regardless of destination, which is broader than the specific requirement to prevent communication only to 172.20.41.0/24.
Concept tested. Cisco SD-WAN data policy configuration
Topics
#SD-WAN Data Policy#Traffic Filtering#Prefix Lists#vManage Configuration
Community Discussion
No community discussion yet for this question.