Register
A server ( ) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements
224k views
3 votes
A server ( ) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router:

Router(config)# ip route Null0
Router(config)# route-map DATA
Router(config-route-map)# match tag 101
Router(config-route-map)# set ip next-hop
Router(config-route-map)# set community no-export
Router(config-router)# redistribute static route-map DATA
Router(config)# ip route Null0 tag 101

Which of the following is the engineer implementing?

A. Remotely triggered black hole
B. Route protection
C. Port security
D. Transport security
E. Address space layout randomization

User Jiju John
by
7.7k points

1 Answer

4 votes

Final answer:

The security engineer is implementing a remotely triggered black hole to prevent a DoS attack from compromised marketing desktops by routing malicious traffic to a null interface.

Step-by-step explanation:

The security engineer is implementing a remotely triggered black hole (RTBH). This technique is used to prevent a Denial of Service (DoS) attack by routing malicious traffic to a 'black hole' where it can be discarded. The engineer configures a static route to a Null0 interface, which is a virtual interface that discards traffic sent to it. By tagging this route and redistributing it into the network, the router filters out traffic based on the tag and redirects it to Null0. The 'no-export' community prevents this route from being advertised to external networks.

The security engineer is implementing a remotely triggered black hole solution. This technique is used to mitigate the impact of a Denial of Service (DoS) attack by discarding malicious traffic. The configuration on the management router redirects traffic with a specific tag (101) to a Null0 interface, effectively dropping the traffic and preventing it from reaching the targeted server. Additionally, the set community no-export command is used to prevent the route from being advertised to other routers, reducing the impact on the network.

User Learning
by
6.9k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
Explain why binary codes are used to represent characters, numbers and symbols :)
What is an example of a dedicated computer system?
If a person sends email from a school computer or a business computer, should that message be considered private? Does the institution or person that owns the computer from which email is sent have a right
Link Copied!