Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 350-501 Topic 2 Question 102 Discussion

Actual exam question for Cisco's 350-501 exam
Question #: 102
Topic #: 2
[All 350-501 Questions]

A network architect plans to implement MPLS OAM to provide additional troubleshooting functionality for the NOC team. After analyzing the configuration on the MPLS P/PE nodes, the architect decides to revise the CoPP policies. Which two actions ensure that the new solution is secure? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B

To mitigate DDoS attacks in a BGP environment, an engineer can apply BGP FlowSpec, which allows for the creation of traffic filtering policies that can be distributed across the network.This configuration enables the network to respond quickly to DDoS attacks by filtering or redirecting malicious traffic based on predefined criteria, such as source IP, destination IP, and port numbers456.


by Manu at Sep 29, 2024, 11:43 PM

Limited Time Offer

25%

Off

Get Premium 350-501 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Bettina
1 months ago
I'm leaning towards A and E. Restricting the specific ports used by MPLS OAM and allowing direction-specific access seems like a good way to secure the solution.
upvoted 0 times
...
Janey
1 months ago
Haha, I bet the architect is regretting not using port 42069 in the configuration. That would have been the ultimate security move!
upvoted 0 times
...
Marshall
2 months ago
I'm not so sure about that. Allowing only ICMP or UDP might not be enough. We should also consider allowing the TCP protocol, since some MPLS OAM tools might use it as well.
upvoted 0 times
Josphine
29 days ago
User 2: Yeah, that makes sense. Let's revise the CoPP policies to allow TCP along with ICMP and UDP.
upvoted 0 times
...
Dalene
1 months ago
User 1: I think we should allow the TCP protocol as well.
upvoted 0 times
...
...
Delmy
2 months ago
I think we should also allow the UDP protocol only. It can help in ensuring security for the new solution.
upvoted 0 times
...
Francesco
2 months ago
Hmm, I think B and D are the correct answers. MPLS OAM uses ICMP and UDP, so we need to allow those protocols for the new solution to be secure.
upvoted 0 times
Noe
21 days ago
User4: Agreed, allowing only ICMP and UDP will ensure security.
upvoted 0 times
...
Aileen
23 days ago
User3: So we need to allow those protocols for the new solution to be secure.
upvoted 0 times
...
Edwin
1 months ago
User2: Yes, MPLS OAM uses ICMP and UDP.
upvoted 0 times
...
Merilyn
2 months ago
User1: I think B and D are the correct answers.
upvoted 0 times
...
...
Precious
2 months ago
I agree with Dominque. Allowing specific ports in a specific direction can help secure the network.
upvoted 0 times
...
Dominque
3 months ago
I think we should allow port 3505 in the outbound direction only.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77