# 200-301 — Question 1716

**Type:** case_study
**Topics:** network_simulation, named_acl, dynamic_arp_inspection, user_account

## Question

SIMULATION
-


Guidelines
-

This is a lab item in which tasks will be performed on virtual devices

• Refer to the Tasks tab to view the tasks for this lab item.
• Refer to the Topology tab to access the device console(s) and perform the tasks.
• Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.
• All necessary pre-configurations have been applied.
• Do not change the enable password or hostname for any device.
• Save your configurations to NVRAM before moving to the next item.
• Click Next at the bottom of the screen to submit this lab and move to the next question.
• When Next is clicked, the lab closes and cannot be reopened.


Topology
-

//IMG//



Tasks
-

Refer to the topology. All physical cabling is in place. Configure local user account, configure a Named ACL (NACL), and Dynamic Arp Inspection.

1. Configure a local account on Sw3 with telnet access only on virtual ports 0-4. Use the following information:

o Username: tech12
o Password: load1key
o Algorithm type: md5
o Privilege level: Exec mode

2. Configure and apply a NACL on R1 to control network traffic towards ISP:

o Name: ISP_ACL
o Restrict RFC 1918 class A and B addresses
o Allow all other addresses

3. A DHCP IP Pool is preconfigured on R1 for VLAN 5, and DHCP Snooping is configured on Sw2. Configure on Sw2:

o Dynamic Arp Inspection for VLAN 5
o Enable validation of the ARP packet destination MAC address
o Enable validation of the ARP packet source MAC address
o Enable validation of the ARP Packet IP address

## Correct Answer

_See scenario._

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/cisco/200-301/1716  
Practice (tracked): https://hiexam.net/study/200-301/practice