Refer to the exhibit. An engineer must tune the Cisco IOS device to mitigate an attack that is broadcasting a large number of ICMP packets. The attack is sending the victim's spoofed source IP to a network using an IP broadcast address that causes devices in the network to respond back to the source IP address. Which action does the engineer recommend?

A. Use command ip verify reverse-path interface

B. Use global configuration command service tcp-keepalives-out

C. Use subinterface command no ip directed-broadcast

D. Use logging trap 6








 

Suggested Answer: A

Reference:
https://www.ccexpert.us/pix-firewall/ip-verify-reversepath-command.html

This question is in 350-201 Performing CyberOps Using Cisco Security Technologies (CBRCOR) Exam
For getting Cisco Certified CyberOps Professional Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.