Refer to the exhibit.
The engineer needs to check if keepalive messages between two servers in the address range
9.9.9.0/24 arrive from the device that is directly connected via the trunk interface. Which two
configurations should be applied on the switch port to achieve displayed output? (Choose two.)
A.
ip access-list LO_FILTER
statistics per-entry
10 permit ip 9.9.9.0 0.0.0.255 any
20 permit ip any any
B.
ip access-list LO_FILTER
10 permit ip 9.9.9.0 0.0.0.255 any
20 permit ip any any
C.
ip access-list LO_FILTER
10 permit ip 9.9.9.0 0.0.0.255 any
20 deny ip any any
D.
Nexus5K(config)# interface Ethernet1/1
Nexus5K(config-if)# ip access-group LO-FILTER in
E.
Nexus5K(config)# interface Ethernet1/1
Nexus5K(config-if)# ip port access-list LO-FILTER in
F.
Nexus5K(config)# interface Ethernet1/1
Nexus5K(config-if)# ip port access-group LO-FILTER out
niether are right
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_ipacls.html
it should be “ip port access-group LO-FILTER in”, I think
Agree with MK the correct answer is D
E is incorrect because there is no such syntax under interface as ip port access-list
and F is incorrect beacause ip port aceess-group is only ingress and not egress.