Refer to the exhibit.
Which two statements about how the configuration processes Telnet traffic are true? (Choose two.)
A.
Telnet traffic from 10.1.1.9 to 10.10.10.1 is dropped.
B.
All Telnet traffic is dropped.
C.
Telnet traffic from 10.10.10.1 to 10.1.1.9 is permitted.
D.
Telnet traffic from 10.1.1.9 to 10.10.10.1 is permitted.
E.
Telnet traffic is permitted to all IP addresses.
why not E option?
In order telnet trafic from 10.10.10.1 to 10.1.1.9 will be dropped we should change acl 20 deny tcp any eq telnet any
it’s a tricky question, in the control plane policy, the default telnet is allowed unless match the ACL R9-to-R2
This is tricks over tricks question.
Looking at the policy there is conform => drop and exceed => drop for the traffic specified by ACL. Hence traffic permitted by ACL is being dropped (answer A). The rest seems to be passed (i.e. answer C).
BUT…
We are on router R1 (according to prompt).
The ACL is described as R9-TO-R2 (nothing to do with R1).
It is obviously CoPP, so CEF will direct only traffic addressed to R1 into out policy. Is 10.10.10.1 or 10.1.1.9 ours?
If not, then all traffic will be passed (hence CDE is true).
But “Choose two”.
It seems that better idea is to assume that 10.10.10.1 is our address (ignoring misleading prompt) and then the correct answer is AC.