How can the established keyword in an ACL entry be used?1 pointto permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted networkto permit both the initial TCP packet of a new session and the returning TCP packets from an existing TCP connectionto permit only the initial TCP packet of a new sessionto change a router into a true stateful firewall controlling the access on a session-by-session basis
Question
How can the established keyword in an ACL entry be used?1 pointto permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted networkto permit both the initial TCP packet of a new session and the returning TCP packets from an existing TCP connectionto permit only the initial TCP packet of a new sessionto change a router into a true stateful firewall controlling the access on a session-by-session basis
Solution
The established keyword in an ACL entry can be used to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network. This is achieved by including the established keyword in the ACL rule that is applied to the incoming traffic.
To permit both the initial TCP packet of a new session and the returning TCP packets from an existing TCP connection, the established keyword should not be used in the ACL rule. This allows all TCP packets, regardless of their status, to pass through the ACL.
If the goal is to permit only the initial TCP packet of a new session, the established keyword should be excluded from the ACL rule. This will block any returning TCP packets from an existing TCP connection.
Using the established keyword in an ACL entry can also be used to change a router into a true stateful firewall controlling the access on a session-by-session basis. By including the established keyword in the ACL rule, the router will keep track of the state of each TCP connection and only allow returning packets from established connections to pass through. This enhances the security of the network by ensuring that only legitimate traffic is allowed.
Similar Questions
Which one of the following commands is required on an interface in order to apply an ACL as a packet filter?1 pointaccess-classip access-groupip access-list<SGA group id>
In the context of network security, what does the acronym "ACL" typically stand for
In the context of network security, what does the acronym "ACL" typically stand for?Group of answer choicesAdvanced Computer LanguageAccess Control ListApplication Configuration LogAddress Control Layer
In an ACL, if a traffic flow is not explicitly permitted, what will be the result of the traffic flow once it has expired testing all the user-configured control entries in the list?1 pointThe traffic will be implicitly permitted.The traffic will be explicitly permitted.The traffic will be explicitly denied.The traffic will be implicitly denied.
Question 7Which two (2) of these are useful tools used to monitor network access control processes?1 pointTrapdoorsSniffersHoneyPotsAccess Control Lists (ACL)
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.