nerdexam
Exams350-401Questions#515
CiscoCisco

350-401 · Question #515

350-401 Question #515: Real Exam Question with Answer & Explanation

The correct configuration uses a route-map or policy-map approach where 'permit' statements are used to match the relevant traffic sequences (first permitting the match condition for HTTP traffic from host A to host B, then permitting all other traffic), followed by 'action drop'

Submitted by ahmad_uae· Mar 6, 2026Infrastructure - Configure and verify traffic filtering and policy-based routing using route-maps and policy-maps to selectively permit or deny specific traffic flows between hosts

Question

Drag and Drop Question Refer to the exhibit. An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts. Drag and drop the commands into the configuration to achieve these results. Some commands may be used more than once. Not all commands are used. Answer:

Explanation

The correct configuration uses a route-map or policy-map approach where 'permit' statements are used to match the relevant traffic sequences (first permitting the match condition for HTTP traffic from host A to host B, then permitting all other traffic), followed by 'action drop' to discard the matched HTTP traffic and 'action forward' to allow all remaining communication. This two-clause structure first identifies and drops the specific HTTP traffic, then explicitly forwards everything else, ensuring only HTTP from A to B is denied while all other traffic passes freely.

Topics

#Policy-Based Routing#Access Control#Traffic Filtering#IOS Route-Map

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 350-401 PracticeBrowse All 350-401 Questions