Cisco Exam 500-490 Topic 3 Question 73 Discussion

Actual exam question for Cisco's 500-490 exam

Question #: 73
Topic #: 3

Which two statements regarding Cisco SD-WAN vEdge routers can mitigate DoS attacks against the infrastructure? (Choose two.)

AThe vEdge routers run on hardened Linux operating systems.

BOnly authorized controllers are allowed to communicate back to the vEdg e router after the vEdge router establishes connection with the controllers.

CIn case of direct Internet access, the only traffic allowed back is the traffic matching the state table entries on the vEdge router.

DOpen Certificate Authority and automated enrollment feature.

EBy default, all incoming traffic is denied at the transport (WAN) side interfaces.

Show Suggested Answer

Suggested Answer: C

by Billye at Jan 09, 2025, 12:20 PM

Limited Time Offer

25%

Off

Get Premium 500-490 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Serina

10 days ago

Ooh, this is a tricky one. I'm going to go with B and E. Gotta love that hardened Linux and default deny-all approach to keep those DoS attackers at bay!

upvoted 0 times

...

Sanjuana

20 days ago

I'm going with B and C. Controlling the communication back to the vEdge routers and restricting the incoming traffic are key for protecting the infrastructure.

upvoted 0 times

Diego

2 days ago

Yes, restricting the incoming traffic based on state table entries is also important for security.

upvoted 0 times

...

Kristeen

8 days ago

I agree, controlling the communication back to the vEdge routers is crucial.

upvoted 0 times

...

Kattie

21 days ago

Haha, I bet the right answers involve some kind of security lockdown. These vEdge routers must be like digital fortresses against those pesky DoS attacks!

upvoted 0 times

...

Latrice

22 days ago

B and E seem to be the way to go. Limiting the allowed communication and denying all incoming traffic by default is a solid security approach.

upvoted 0 times

...

Estrella

22 days ago

I'm not sure about A, but I think E is definitely one of the correct answers. Denying incoming traffic is crucial for security.

upvoted 0 times

...

Amber

27 days ago

I agree with Audra. A and E make sense because hardened Linux OS and denying incoming traffic can help mitigate DoS attacks.

upvoted 0 times

...

Audra

28 days ago

I think the answer is A and E.

upvoted 0 times

...

Berry

29 days ago

I think B and C are the correct answers. The vEdge routers need to be hardened against unauthorized access, and controlling the traffic flow is crucial for mitigating DoS attacks.

upvoted 0 times

...