Multiple Choice
A network administrator is concerned about a particular server that is attacked occasionally from hosts on the Internet. The server is not critical; however, the attacks impact the rest of the network. While the company's current ISP is cost effective, the ISP is slow to respond to reported issues. The administrator needs to be able to mitigate the effects of an attack immediately without opening a trouble ticket with the ISP. The ISP is willing to accept a very small network route advertised with a particular BGP community string. Which of the following is the BESRT way for the administrator to mitigate the effects of these attacks?
A) Use the route protection offered by the ISP to accept only BGP routes from trusted hosts on the Internet, which will discard traffic from attacking hosts.
B) Work with the ISP and subscribe to an IPS filter that can recognize the attack patterns of the attacking hosts, and block those hosts at the local IPS device.
C) Advertise a /32 route to the ISP to initiate a remotely triggered black hole, which will discard traffic destined to the problem server at the upstream provider.
D) Add a redundant connection to a second local ISP, so a redundant connection is available for use if the server is being attacked on one connection.
Correct Answer:
Verified
Correct Answer:
Verified
Q390: A security analyst is reviewing the following
Q391: A legacy web application, which is being
Q392: During the decommissioning phase of a hardware
Q393: After the departure of a developer under
Q394: A security consultant is performing a penetration
Q396: A Chief Information Securiy Officer (CISO) is
Q397: A systems administrator has installed a disk
Q398: A Chief Information Security Officer (CISO is
Q399: A SaaS-based email service provider often receives
Q400: During a criminal investigation, the prosecutor submitted