What is the correct format of an access control list on a Cisco Nexus switch to only permit
unencrypted Web traffic from the 172.16.1.0/25 network to destination host 10.10.1.110?
A.
N5K-A(config)# ip access-list 101
N5K-A(config-acl)# permit tcp host 172.16.1.0/25 any eq 80
B.
N5K-A(config)# ip access-list 101
N5K-A(config-acl)# permit tcp 172.16.1.0 255.255.255.128 any eq 80
C.
N5K-A(config)# ip access-list 101
N5K-A(config-acl)# permit tcp 172.16.1.0/25 any eq 80
D.
N5K-A(config)#access-list 101 permit tcp 172.16.1.0/25 0.0.0.128 eq 80
E.
N5K-A(config)# ip access-list 101
N5K-A(config-acl)# permit tcp any 172.16.1.0 255.255.248.0 eq 80
Not correct, the destination permission should be host 10.10.1.110, not ‘any’. All the answers are wrong.
Actually C permits http Traffic from 172.16.1.0/25 to any network, so host 10.10.1.110 is included. I guess that’s why C is correct! All others options are clearly wrong for me
Passed the CCNA Data Center DCICN 640-911 exam few days ago with 980/1000. There wasn’t anything new for the 640-911 exam itself, but you need to read and understand all the exam questions’ meaning for at least three times, or you will choose the wrong answers. I practiced PassLeader 640-911 dumps (http://www.passleader.com/640-911.html) for two times before taking, which saved me much time in the real test and finally passed exam! Good!
New 640-911 Exam Questions and Answers Updated Recently (10/Mar/2016):
NEW QUESTION 186
An engineer wants to repurpose a Cisco Nexus 7010 Switch for use in a lab and needs to restore the switch to factory defaults. Which two commands are required? (Choose two.)
A. write erase boot
B. write erase debug
C. copy running-config startup-config
D. reboot
E. reload
F. copy startup-config running-config
Answer: AE
NEW QUESTION 187
Refer to the exhibit. In which two ways does the routing table direct traffic? (Choose two.)
Image URL: w w w.200-120.info/wp-content/uploads/2016/03/1871.png (delete space)
A. The router receives a default route via a dynamic routing protocol.
B. 10.235.4.37 is the IP address of a local interface.
C. 10.235.4.37 is the IP address of the neighbor router that is locally connected.
D. 10.235.4.36 is the IP address of the directly connected neighbor.
E. The gateway of last resort is statically configured.
Answer: AB
NEW QUESTION 188
Which option is the proper shortened representation of the IPv6 address FDFA:0000:0000:2314:00BA:AF34:0:0121?
A. FDFA::2314:BA:AF34:0:121
B. FDFA::2314::BA:AF34:0:0121
C. FDFA::2314:BA:AF34:121
D. FDFA::2314:BA:AF34::121
Answer: A
NEW QUESTION 189
Which three options represent a subnet mask that allows for 60 host addresses on a subnet? (Choose three.)
A. /25
B. 255.255.255.192
C. /26
D. 255.255.255.240
E. 255.255.255.248
F. /28
G. /30
Answer: ABC
NEW QUESTION 190
A network engineer configures several VLANs using NX-OS and wants to save the changes. Which commands are used to save this configuration?
A. write memory
B. copy run start
C. write terminal
D. copy start run
Answer: B
NEW QUESTION 191
……
NEW QUESTION 192
A network engineer has been tasked with connecting a Nexus 5548 switch to an older Catalyst 3750. After configuring the interfaces, the engineer noticed that the end hosts did not have network connectivity and the Nexus 5548 had the following log message:
%STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Ethernet1/27 VLAN0010
What command can solve this problem?
A. configure no spanning-tree port type network on the Nexus 5548 interface
B. configure spanning-tree mode rapid-pvstp on the Catalyst 3750
C. configure switchport trunk native VLAN 10 on the Catalyst 3750 interface
D. configure spanning-tree mode rapid-pvstp on the Nexus 5548
Answer: A
NEW QUESTION 193
What two actions can be taken to enable inter-VLAN communications in the data center? (Choose two.)
A. install a Layer 3 capable switch in the data center
B. deploy a router as a Layer 3 services gateway attached inside each Layer 2 VLAN
C. extend Layer 2 services to a Layer 3 capable VLAN using Layer 3 tunneling
D. connect Layer 2 VLANs together with 802.1Q trunks
E. use a routing protocol to direct packets into the Layer 2 network
Answer: AB
NEW QUESTION 194
……
NEW QUESTION 195
Which two statements describe two benefits of a star topology compared to a mesh topology? (Choose two.)
A. New stations can be added quickly and easily.
B. Troubleshooting connectivity is easier.
C. There is not a single point of failure.
D. A single cable failure will not bring down the entire network.
E. It has the absolute least likelihood of having a collision.
Answer: AB
NEW QUESTION 196
Unlike IPv6, which feature is available only in IPv4?
A. broadcast
B. anycast
C. multicast
D. unicast
Answer: A
NEW QUESTION 197
What TCP/IP layer would handle UDP traffic flows?
A. internetwork
B. network interface
C. transport
D. physical
Answer: C
NEW QUESTION 198
In which layer of the OSI model are TCP port numbers defined?
A. 2
B. 3
C. 4
D. 6
E. 7
Answer: C
NEW QUESTION 199
……
P.S. These New 640-911 Exam Questions Were Just Updated From The Real 640-911 Exam, You Can Get The Newest 640-911 Dumps In PDF And VCE From — http://bitly.com/640-911-exam (220q)
Good Luck !!!