Register
A server ( ) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements
224k views
3 votes
A server ( ) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router:

Router(config)# ip route Null0
Router(config)# route-map DATA
Router(config-route-map)# match tag 101
Router(config-route-map)# set ip next-hop
Router(config-route-map)# set community no-export
Router(config-router)# redistribute static route-map DATA
Router(config)# ip route Null0 tag 101

Which of the following is the engineer implementing?

A. Remotely triggered black hole
B. Route protection
C. Port security
D. Transport security
E. Address space layout randomization

User Jiju John
by
7.7k points

1 Answer

4 votes

Final answer:

The security engineer is implementing a remotely triggered black hole to prevent a DoS attack from compromised marketing desktops by routing malicious traffic to a null interface.

Step-by-step explanation:

The security engineer is implementing a remotely triggered black hole (RTBH). This technique is used to prevent a Denial of Service (DoS) attack by routing malicious traffic to a 'black hole' where it can be discarded. The engineer configures a static route to a Null0 interface, which is a virtual interface that discards traffic sent to it. By tagging this route and redistributing it into the network, the router filters out traffic based on the tag and redirects it to Null0. The 'no-export' community prevents this route from being advertised to external networks.

The security engineer is implementing a remotely triggered black hole solution. This technique is used to mitigate the impact of a Denial of Service (DoS) attack by discarding malicious traffic. The configuration on the management router redirects traffic with a specific tag (101) to a Null0 interface, effectively dropping the traffic and preventing it from reaching the targeted server. Additionally, the set community no-export command is used to prevent the route from being advertised to other routers, reducing the impact on the network.

User Learning
by
6.9k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
Link Copied!