PrepAway - Latest Free Exam Questions & Answers


Which of the following features prevent attacks that consume CPU and memory resources? (Select 2 choices.)


A. CoPP

B. CPPr

C. CPU Threshold Notifications

D. Memory Threshold Notifications

Explanation:
Control Plane Policing (CoPP) and Control Plane Protection (CPPr) prevent attacks that consume CPU and
memory resources. Both CoPP and CPPr use class maps to filter and rate-limit traffic. However, CPPr
separates control plane traffic into three subinterfaces: the host subinterface, the transit subinterface, and the
Cisco Express Forwarding (CEF)-exception subinterface. For this reason, Cisco recommends that you use
CPPr instead of CoPP whenever possible. To configure CPPr, you must perform the following steps:
– Create access control lists (ACLs) to identify traffic.
– Create a traffic class.
– Create a traffic policy, and associate the traffic class to the policy.
– Apply the policy to the specific control plane subinterface.
CoPP is similar to CPPr, except CoPP does not separate control plane traffic into three subinterfaces. To
configure CoPP, you must perform the following steps:
– Create ACLs to identify traffic.
– Create a traffic class.
– Create a traffic policy, and associate the traffic class to the policy.
– Apply the policy to the control plane interface.
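
The four steps above as an IOS configuration, applied to the CPPr host subinterface, with the CoPP variant of the last step shown in the closing comment. This is an added example, not part of the original explanation; the ACL, class map, and policy map names and the 100 pps rate are illustrative assumptions.

```cisco
! Step 1: ACL that identifies SSH and SNMP traffic addressed to the router
ip access-list extended CPPR-MGMT-ACL
 permit tcp any any eq 22
 permit udp any any eq snmp
!
! Step 2: traffic class that matches the ACL
class-map match-all CPPR-MGMT-CLASS
 match access-group name CPPR-MGMT-ACL
!
! Step 3: traffic policy that rate-limits the class
! (100 packets per second is an assumed value; size it to the real management load)
policy-map CPPR-HOST-POLICY
 class CPPR-MGMT-CLASS
  police rate 100 pps conform-action transmit exceed-action drop
!
! Step 4 (CPPr): apply the policy to a specific control plane subinterface.
! SSH and SNMP terminate on the router, so they arrive on the host subinterface.
control-plane host
 service-policy input CPPR-HOST-POLICY
!
! Step 4 (CoPP): steps 1-3 are unchanged, but the policy is attached to the
! aggregate control plane interface rather than to a subinterface:
! control-plane
!  service-policy input CPPR-HOST-POLICY
```

After applying the policy, `show policy-map control-plane host` reports the conformed and exceeded packet counters for the class, which is the quickest check that the ACL is matching the intended traffic.
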
The host subinterface contains control plane IP traffic that is destined for a router interface, including traffic
from the following sources and protocols:
– Terminating tunnels
– Secure Shell (SSH)
– Simple Network Management Protocol (SNMP)
– Internal Border Gateway Protocol (iBGP)
– Enhanced Interior Gateway Routing Protocol (EIGRP)
The transit subinterface contains control plane IP traffic that is traversing the router, including the following traffic:
– Nonterminating tunnel traffic
– Traffic that is software-switched by the route processor
The CEF-exception subinterface contains control plane traffic redirected by CEF for process switching, including
traffic from the following sources and protocols:
– Non-IP hosts
– Address Resolution Protocol (ARP)
– External BGP (eBGP)
– Open Shortest Path First (OSPF)
– Label Distribution Protocol (LDP)
– Layer 2 keepalives
CPU Threshold Notifications and Memory Threshold Notifications do not prevent attacks that consume CPU
and memory resources. However, these features can automatically send notifications if excessive CPU or
memory consumption is detected. Excessive resource consumption could occur if CoPP or CPPr protection
features have been circumvented or are misconfigured. Notifications are typically sent as SNMP trap
messages.

Cisco: Control Plane Protection

