How can the established keyword in an ACL entry be used?


Last Updated on November 19, 2023 by InfraExam

How can the established keyword in an ACL entry be used?

  • to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network
  • to permit both the initial TCP packet of a new session and the returning TCP packets from an existing TCP connection
  • to permit only the initial TCP packet of a new session
  • to change a router into a true stateful firewall controlling the access on a session-by-session basis
Explanation & Hint:

The established keyword in an Access Control List (ACL) entry can be used:

To permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network.

This keyword is used in extended ACLs to allow return traffic from outside to inside on TCP connections that were initiated from the inside. It checks whether the ACK or RST bit is set in the TCP header; these bits are set in packets that belong to an existing connection, but not in the initial SYN that tries to open a new one.
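The following is an added example, not part of the original page: a small Python model of how an inbound extended ACL entry with the `established` keyword is evaluated. The addresses and the ACL itself are constructed for the illustration. It shows the behaviour the explanation describes (return traffic with ACK or RST set is permitted, an initial SYN from outside is denied) and makes the limitation visible: the check looks only at TCP header bits on each packet and keeps no per-session state, which is why the keyword does not turn a router into a stateful firewall.

```python
# Added example (not from the original page): a model of extended ACL
# evaluation with the `established` keyword. The match rule follows the
# page's description: the entry matches a TCP segment only when the ACK or
# RST bit is set. Nothing here tracks connections.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample network for the "inside" side of the router.
INSIDE_NET = "192.168.1.0/24"


@dataclass(frozen=True)
class TcpSegment:
    src: str
    dst: str
    flags: frozenset  # subset of {"SYN", "ACK", "RST", "FIN"}


@dataclass(frozen=True)
class AclEntry:
    action: str       # "permit" or "deny"
    src_net: str      # CIDR; "0.0.0.0/0" means "any"
    dst_net: str
    established: bool = False


def is_established(segment: TcpSegment) -> bool:
    """The `established` check: true when ACK or RST is set in the TCP header."""
    return bool(segment.flags & {"ACK", "RST"})


def entry_matches(entry: AclEntry, segment: TcpSegment) -> bool:
    """Match source, destination and, if requested, the established condition."""
    if ip_address(segment.src) not in ip_network(entry.src_net):
        return False
    if ip_address(segment.dst) not in ip_network(entry.dst_net):
        return False
    if entry.established and not is_established(segment):
        return False
    return True


def evaluate(acl: list, segment: TcpSegment) -> str:
    """First matching entry wins; every ACL ends with an implicit deny."""
    for entry in acl:
        if entry_matches(entry, segment):
            return entry.action
    return "deny"


# Inbound ACL applied on the outside interface: allow only TCP return traffic
# towards inside hosts (constructed example, equivalent in spirit to
# "permit tcp any 192.168.1.0 0.0.0.255 established").
INBOUND_ACL = [
    AclEntry("permit", "0.0.0.0/0", INSIDE_NET, established=True),
]


def demo() -> dict:
    outside, inside = "203.0.113.10", "192.168.1.20"  # constructed addresses
    return {
        # Reply to a session the inside host opened: ACK set, permitted.
        "return_traffic": evaluate(
            INBOUND_ACL, TcpSegment(outside, inside, frozenset({"ACK"}))),
        # First packet of a new session from outside: SYN only, denied.
        "new_session": evaluate(
            INBOUND_ACL, TcpSegment(outside, inside, frozenset({"SYN"}))),
        # A reset from outside also carries a matching bit, permitted.
        "reset": evaluate(
            INBOUND_ACL, TcpSegment(outside, inside, frozenset({"RST"}))),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Because `entry_matches` only inspects the header bits of the packet in hand, the model cannot tell a genuine reply apart from any other segment that happens to have ACK or RST set; a stateful firewall (session tracking per connection) is needed for that, which is exactly why the last answer option is wrong.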

For more Questions and Answers:

Network Security Post-Assessment | CBROPS
