Cisco Exam 350-501 Topic 2 Question 102 Discussion

Actual exam question for Cisco's 350-501 exam

Question #: 102
Topic #: 2

A network architect plans to implement MPLS OAM to provide additional troubleshooting functionality for the NOC team. After analyzing the configuration on the MPLS P/PE nodes, the architect decides to revise the CoPP policies. Which two actions ensure that the new solution is secure? (Choose two.)

AAllow port 3505 in the outbound direction only.

BAllow the ICMP protocol only.

CAllow the TCP and UDP protocols.

DAllow the UDP protocol only.

EAllow port 3503 in the inbound direction only.

Show Suggested Answer

Suggested Answer: B

To mitigate DDoS attacks in a BGP environment, an engineer can apply BGP FlowSpec, which allows for the creation of traffic filtering policies that can be distributed across the network.This configuration enables the network to respond quickly to DDoS attacks by filtering or redirecting malicious traffic based on predefined criteria, such as source IP, destination IP, and port numbers456.

by Manu at Sep 29, 2024, 11:43 PM

Limited Time Offer

25%

Off

Get Premium 350-501 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Marshall

12 days ago

I'm not so sure about that. Allowing only ICMP or UDP might not be enough. We should also consider allowing the TCP protocol, since some MPLS OAM tools might use it as well.

upvoted 0 times

...