Which Cisco IOS command uses the default class map to limit SNMP inspection to traffic from 10.1.1.0 to 192.168.1.0?
A. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.0.255 192.168.1.0.0.0.0.255 hostname(config)# class-map inspection_default hostname(config-cmap)# match access-list inspect
B. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0 hostname(config-cmap)# match access-list inspect
C. hostname(config)# access-list inspect extended permit ip 10.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0 hostname(config)# class-map inspection_default hostname(config-cmap)# match access-list inspect
D. hostname(config)# access-list inspect extended permit ip 10.1.1.0.0.0.255 192.168.1.0.0.0.255 hostname(config)# class-map inspection_default
I think the question might be asking for ASA and not IOS. There is no such thing as “default class-map” on an IOS. Also if you want to start with #access-list , you have to give it a number for the access-list NOT a name. This is only done on the ASA.
Sw4(config)#access-list ?
IP standard access list
IP extended access list
Extended 48-bit MAC address access list
IP standard access list (expanded range)
Protocol type-code access list
IP extended access list (expanded range)
48-bit MAC address access list
dynamic-extended Extend the dynamic ACL absolute timer
rate-limit Simple rate-limit specific access list
Sw4(config)#access-list
A is correct. This is Cisco IOS, not ASA. You have to use a wildcard.
https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/inspect_overview.html
C is correct
Answer C
Wildcard mask is used in Cisco IOS
10.1.1.0.0.0.0.255 (Extra dot on this and I guess it is a spelling mistake)
The answer is C
Is this correct?
10.1.1.0.0.0.0.255
Answer: A
Wildcard mask is used in Cisco IOS