Implementing Cisco Edge Network Security Solutions (SENSS, legacy) — Question 10

A user is having trouble connecting to websites on the Internet. The network engineer proposes configuring a packet capture that captures only the HTTP response traffic on the Cisco Adaptive Security Appliance between the user's workstation and Internet. If the user's workstation IP address is 10.0.0.101, which
ACE is needed to achieve this capture?

Answer options

• A. access-list capture permit tcp host 10.0.0.101 eq 80 any
• B. access-list capture permit tcp host 10.0.0.101 any eq 80
• C. access-list capture permit tcp any eq 80 host 10.0.0.101
• D. access-list capture permit tcp any host 10.0.0.101 eq 80

Correct answer: D

Explanation

The correct answer is D because it captures any TCP traffic where the destination IP is the user's workstation (10.0.0.101) and the destination port is 80, which corresponds to HTTP traffic. Option A captures traffic originating from the user's workstation, while option B restricts the source incorrectly. Option C targets the wrong direction of traffic as it captures requests instead of responses.