Cisco Implementing and Operating Cisco Service Provider Network Core Technologies (350-501 SPCOR) 350-501 Question # 59 Topic 6 Discussion
350-501 Exam Topic 6 Question 59 Discussion:
Question #: 59
Topic #: 6
Refer to the exhibit:
R1 is connected to two service providers and is under a DDoS attack Which statement about this design is true if uRPF in strict mode is configured on both interfaces'?
A.
R1 accepts source addresses on interface gigabitethernet0/1 that are private addresses
B.
R1 permits asymmetric routing as long as the AS-RATH attribute entry matches the connected AS
C.
R1 drops destination addresses that are routed to a null interface on the router
D.
R1 drops all traffic that ingresses either interface that has a FIB entry that exits a different interface
Unicast Reverse Path Forwarding (uRPF) in strict mode ensures that packets are received on the interface that the router would use to forward the return traffic. If a packet is received on an interface that is not the best reverse path, the packet is dropped. This helps mitigate IP address spoofing and DDoS attacks.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit