Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 233

An engineer must configure an ACL that permits packets which include an ACK in the TCP header. Which entry must be included in the ACL?

Answer options

• A. access-list 110 permit tcp any any eq 21 tcp-ack
• B. access-list 10 permit tcp any any eq 21 established
• C. access-list 110 permit tcp any any eq 21 established
• D. access-list 10 permit ip any any eq 21 tcp-ack

Correct answer: C

Explanation

The correct answer is C because using 'established' in the ACL allows both the original TCP connection and the ACK responses, which is necessary for proper communication. Options A and D are incorrect as they do not utilize the 'established' keyword, and option B does not match the access-list number required in this context.