CCNA: Cisco Certified Network Associate — Question 1099

An administrator is configuring a Cisco Catalyst switch so that it will accept management connections only from hosts in the 203.0.113.0/24 network. Other traffic passing through the switch must transit without interruption. Which two configurations must the engineer apply to the router? (Choose two.)

Answer options

• A. interface range vlan 1 - 4094 ip access-group Management out
• B. line vty 0 15 access-class Management in
• C. ip access-list standard Management permit 203.0.113.0 0.0.0.255
• D. ip access-list standard Management permit 203.0.113.0 255.255.255.0
• E. ip access-list extended Management permit tcp any range 22 23 203.0.113.0 0.0.0.255

Correct answer: B, C

Explanation

The correct answer is B and C because line vty configurations need to restrict access to the management connections using the access-class, and the access-list must permit the specific subnet to manage the switch. Options A, D, and E do not correctly apply the required configurations for restricting management access to the specified subnet.