Question 16 of 28 from exam 300-535-SPAUTO: Automating and Programming Cisco Security Solutions

Prev Question Next Question

Question

An engineer wants to replace the BLOCK_BAD ACL on the Cisco IOS XE router with this new content.

The engineer wants to use RESTCONF for this and constructs a PUT request to the resource/restconf/data/native/ip/access-list/Cisco-IOS-XE-acl:extended=BLOCK_BAD.

What must the body look like to achieve the Cisco IOS XE configuration? Desired configutation: ip access-list extended BLOCK_BAD permit ip any host 192.168.20.1 deny ip any any A.

$“ip” { “access-list’ { *Cisco10S-XE-ackextended’: { “name: "BLOCK_BAD", “access-list-seq-rule”: [{ “sequence”: "10", “ace-tule”: { action’: ‘permit’, “protocor’: “ip’, ‘any’: [ null 1 “dst-host”: “192.168.20.1" } i { “sequence”. “20”, “ace-ule”: { “action”: “deny”, “protocol”: “ip”, ‘any”[ null 1 “astany"[ null$

$“name”: “BLOCK_BAD”, “access-list-seq-rule”: [ { “sequence”: “10”, “ace-rule” : { “action”: “permit”, “protocol” : “ip”, if null “dst-host”: “192.168.20.1” “sequence”: “20”, “ace-rule”: { “action”: “dst-any”: null$

$“Cisco-I0S-xE-acl:extended”: { “name”: “BLOCK_BAD”, “access-list-seq-rule”: [ { “sequence”: “10”, “ace-rule”: { “action”: “permit”, “protocol”: ip’, “dst-host”: “192.168.20.1” “sequence”: “20”, “ace-rule”: { “action”: “deny”, “protocol”: ip’, “dst-any”: [ null$

$“Cisco-I0S-XE-acl:extended”: { “BLOCK_BAD”, “access-list-seq-rule”: [ { “sequence”: “10”, “ace-rule”: { “action”: “permit”, “protocol”: ip’, “dst-host”: “192.168.20.1” “sequence”: “20”, “ace-rule”: { “action”: “deny”, “protocol”: ip’, “dst-any”: [ null$

Show Answer

Explanations

Prev Question Next Question