Which Cisco feature can help mitigate spoofing attacks …

Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?

Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?

A.
Unidirectional Link Detection

B.
Unicast Reverse Path Forwarding

C.
TrustSec

D.
IP Source Guard

Explanation:
BD
Unicast Reverse Path Forwarding (uRPF) can mitigate spoofed IP packets. When this feature is enabled on
an interface, as packets enter that interface the router spends an extra moment considering the source address
of the packet. It then considers its own routing table, and if the routing table does not agree that the interface
that just received this packet is also the best egress interface to use for forwarding to the source address of the
packet, it then denies the packet.
This is a good way to limit IP spoofing.
Source: Cisco Official Certification Guide, Table 10-4 Protecting the Data Plane, p.270



Leave a Reply 0

Your email address will not be published. Required fields are marked *