Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) — Question 173

The network administrator configured CoPP so that all HTTP and HTTPS traffic from the administrator device located at 172.16 1.99 toward the router CPU is limited to 500 kbps. Any traffic that exceeds this limit must be dropped. access-list 100 permit ip host 172.16.1.99 any
!
class-map CM-ADMIN
match access-group 100
!
policy-map PM-COPP
class CM-ADMIN
police 500000 conform-action transmit
!
interface E0/0
service-policy input PM-COPP
CoPP failed to capture the desired traffic and the CPU load is getting higher.
Which two configurations resolve the issue? (Choose two.)

Answer options

• A. interface E0/0 no service-policy input PM-COPP ! control-plane service-policy input PM-COPP
• B. policy-map PM-COPP class CM-ADMIN no police 500000 conform-action transmit police 500 conform-action transmit ! control-plane service-policy input PM-COPP
• C. no access-list 100 access-list 100 permit tcp host 172.16.1.99 any eq 80
• D. no access-list 100 access-list 100 permit tcp host 172.16.1.99 any eq 80 access-list 100 permit tcp host 172.16.1.99 any eq 443
• E. policy-map PM-COPP class CM-ADMIN no police 500000 conform-action transmit police 500 conform-action transmit

Correct answer: A

Explanation

The correct answer A resolves the issue by removing the service policy from the interface and applying it to the control plane, ensuring CoPP can manage the traffic effectively. The other options either modify the access-list or policy-map incorrectly, which would not resolve the problem of CoPP failing to capture the desired traffic.