You are the administrator at Certkiller Inc. and you are configuring the PIX Firewall. The ip verify reverse-path command implements which of the following on the PIX Firewall? (Choose two)
A.
The ip verify reverse-path command performs a route lookup based on the destination address.
B.
The ip verify reverse-path command performs a route lookup based on the source address.
C.
The ip verify reverse-path command provides session state information based on source address.
D.
The ip verify reverse-path command provides ingress filtering.
E.
The ip verify reverse-path command provides session state information based on destination address.
Explanation:
Use the ipverify unicast reverse-path interface command on the input interface on the router at the upstream end of the connection. This feature examines each packet received as input on that interface. If the source IP address does not have a route in the CEF tables that points back to the same interface on which the packet arrived, the router drops the packet.
Reference: Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks