Which two features do Cisco routers offer to mitigate distributed denial-of-service (DDoS) attacks? (Choose two.)
A.
Anti-DDoS guard
B.
Scatter tracing
C.
Access control lists (ACLs)
D.
Flow control
E.
Rate limiting
Explanation:
Cisco routers use access control lists (ACLs) and blackholing features to help mitigate distributed denial-of-service (DDoS) attacks. A DoS attack is an attack in
which legitimate users are denied access to networks, systems, or resources. One of the most common DoS attacks is the DDoS attack, which is executed by using
multiple hosts to flood the network or send requests to a resource. The difference between DoS and DDoS is that in a DoS attack, an attacker uses a single host to
send multiple requests, whereas in DDoS attacks, multiple hosts are used to perform the same task.
Cisco routers offer the following features to mitigate DDoS attacks:
ACLs: Filter unwanted traffic, such as traffic that spoofs company addresses or is aimed at Windows control ports. However, an ACL is not effective when
network address translation (NAT) is implemented in the network.
Rate limiting: Minimizes and controls the rate of bandwidth used by incoming traffic.
Traffic-flow reporting: Creates a baseline for the network that is compared with the network traffic flow, helping you detect any intrusive network or host activity.
Apart from these features offered by Cisco routers, the following methods can also be used to mitigate DDoS attacks:
Using a firewall, you can block or permit traffic entering a network.
The systems vulnerable to attacks can be shifted to another location or a more secure LAN.Intrusion Detection Systems (IDS), such as Network Intrusion Detection Systems (NIDS) and Host Intrusion Detection Systems (HIDS), can be implemented to
detect intrusive network or host activity such as a DoS attack, and raise alerts when any such activity is detected.
Anti-DDoS guard and scatter tracing are incorrect because these features are not offered by Cisco routers to mitigate DDoS attacks.
Flow control is incorrect because flow control is used to prevent the loss of traffic between two devices.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot basic device hardeningCisco > Support > Technology Support > Security and VPN > Authentication Protocols > Technology Information > Technology White Paper > Strategies to Protect
Against Distributed Denial of Service (DDoS) Attacks > Document ID: 13634
18th/11/2017 New 200-125 Exam Questions Free Updated Today!
QUESTION 268
What are three benefits of GLBP? (Choose three.)
A. GLBP supports up to eight virtual forwarders per GLBP group.
B. GLBP supports clear text and MD5 password authentication between GLBP group members.
C. GLBP is an open source standardized protocol that can be used with multiple vendors.
D. GLBP supports up to 1024 virtual routers.
E. GLBP can load share traffic across a maximum of four routers.
F. GLBP elects two AVGs and two standby AVGs for redundancy.
Answer: BDE
QUESTION 269
Which three statements about HSRP operation are true? (Choose three.)
A. The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication.
D. The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
E. The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.
Answer: ABF
Explanation:
The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal)
QUESTION 270
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.
Answer: CDF
QUESTION 271
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)
A. informational
B. emergency
C. warning
D. critical
E. debug
F. error
Answer: BDF
QUESTION 272
What is the default Syslog facility level?
A. local4
B. local5
C. local6
D. local7
Answer: D
QUESTION 273
What command instructs the device to timestamp Syslog debug messages in milliseconds?
A. service timestamps log datetime localtime
B. service timestamps debug datetime msec
C. service timestamps debug datetime localtime
D. service timestamps log datetime msec
Answer: B
Explanation:
The “service timestamps debug” command configures the system to apply a time stamp to debugging messages. The time-stamp format for datetime is MMM DD HH:MM:SS, where MMM is the month, DD is the date, HH is the hour (in 24-hour notation), MM is the minute, and SS is the second. With the additional keyword msec, the system includes milliseconds in the time stamp, in the format HH:DD:MM:SS.mmm, where .mmm is milliseconds
QUESTION 274
Refer to the exhibit. What is the cause of the Syslog output messages?
A. The EIGRP neighbor on Fa0/1 went down due to a failed link.
B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency
to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.
Answer: C
QUESTION 275
What are three components that comprise the SNMP framework? (Choose three.)
A. MIB
B. agent
C. set
D. AES
E. supervisor
F. manager
Answer: ABF
QUESTION 276
What are three components that comprise the SNMP framework? (Choose three.)
A. MIB
B. agent
C. set
D. AES
E. supervisor
F. manager
Answer: ABF
QUESTION 277
What SNMP message alerts the manager to a condition on the network?
A. response
B. get
C. trap
D. capture
Answer: C
Explanation:
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant events.
QUESTION 278
What authentication type is used by SNMPv2?
A. HMAC-MD5
B. HMAC-SHA
C. CBC-DES
D. community strings
Answer: D
More new 200-125 Questions: https://www.braindump2go.com/200-125.html
0
0
I have latest dumps , contact me on wanjaledeepak@gmail.com
0
0