Free Cisco SPRI 300-510 Actual Exam Questions - Question 9 Discussion

Makes sense that D is the best pick since it targets both the AS path and specific prefix, so no other routes get wrongly blocked. Definitely the safest bet here. D

D, it blocks the exact bad AS path and prefix combo, no collateral damage.

It’s B because it matches the exact AS path without blocking other prefixes.

Maybe D could work here since it uses a prefix-list combined with an AS path match to block only the exact bad prepended routes. Unlike B, which might be a little broad with just AS path matching, D adds the prefix check to make sure it only filters the incorrect 10.11.11.0/24 routes with that AS path. This way, legit routes from XR1 or other prefixes aren’t accidentally dropped. So, applying this policy on XR3’s neighbor config for XR1 should keep things clean without collateral damage.

The policy in Option B seems the most fitting since it specifically matches the incorrect AS path sequence and denies only those routes. Options A and D look too broad and could block legitimate prefixes or future routes unintentionally. Option C just permits everything, which won’t help in blocking the bad path. So, the targeted match and deny in B is the best way to filter out only the falsely prepended prefix from XR1 without affecting other routes.

B. Option B looks like the best fit since it uses a match condition specific to the bad AS path sequence. It’s more precise because it won’t block other prefixes or legitimate AS paths, just the ones with that incorrect prepending. Option A might be too broad and could unintentionally filter out valid routes, which we definitely want to avoid. So, filtering specifically on the AS path attributes with a deny action like in B seems to do the job without side effects.

B/C? The trap here might be Option A since it looks like it would block everything, not just the bad path. B seems more targeted to filter that specific AS path without blocking legit routes.