The network engineering team for a large university must increase the security within the core of the network by ensuring that IP traffic only originates from a network segment that is assigned to that interface in the routing table.
Which technology must be chosen to accomplish this requirement?
A . VLAN access control lists
B . Unicast Reverse Path Forwarding
C . Intrusion prevention system
D . ARP inspection
Answer: B
Explanation:
Unicast Reverse Path Forwarding
One approach to preventing malicious traffic from entering a network is to use Unicast Reverse Path Forwarding (uRPF) . Specifically, uRPF can help block packets having a spoofed IP address. The way that uRPF works is to check the source IP address of a packet arriving on an interface and determine whether that IP address is reachable, based on the router’s Forwarding Information Base (FIB) used by Cisco Express Forwarding (CEF). Optionally, the router can also check to see whether the packet is arriving on the interface the router would use to send traffic back to that IP address.
Leave a Reply