Multiple Choice
A network administrator is concerned about a particular server that is attacked occasionally from hosts on the Internet. The server is not critical; however, the attacks impact the rest of the network. While the company's current ISP is cost effective, the ISP is slow to respond to reported issues. The administrator needs to be able to mitigate the effects of an attack immediately without opening a trouble ticket with the ISP. The ISP is willing to accept a very small network route advertised with a particular BGP community string. Which of the following is the BEST way for the administrator to mitigate the effects of these attacks?
A) Use the route protection offered by the ISP to accept only BGP routes from trusted hosts on the Internet, which will discard traffic from attacking hosts.
B) Work with the ISP and subscribe to an IPS filter that can recognize the attack patterns of the attacking hosts, and block those hosts at the local IPS device.
C) Advertise a /32 route to the ISP to initiate a remotely triggered black hole, which will discard traffic destined to the problem server at the upstream provider.
D) Add a redundant connection to a second local ISP, so a redundant connection is available for use if the server is being attacked on one connection.
Correct Answer:
Verified
Correct Answer:
Verified
Q193: A deployment manager is working with a
Q194: A medical device company is implementing a
Q195: A team is at the beginning stages
Q196: Several recent ransomware outbreaks at a company
Q197: The audit team was only provided the
Q199: A Chief Information Security Officer (CISO) is
Q200: An engineer is assisting with the design
Q201: A large, multinational company currently has two
Q202: An enterprise's Chief Technology Officer (CTO) and
Q203: A security engineer is attempting to convey