Why is a reflexive ACL harder to spoof compared to an extended ACL that uses the established keyword?
- It provides a secure tunnel for returning traffic.
- A reflexive ACL provides a lock-and-key function.
- It allows incoming packets only after the 3-way handshake is completed.
- It provides more detailed filter criteria to match an incoming packet before the packet is allowed through.
Exam with this question: CCNA Security Final Exam (CCNAS v1.2)
Please login or Register to submit your answer