nerdexam
EC-Council

312-50V11 · Question #225

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can

The correct answer is A. Make sure that legitimate network routers are configured to run routing protocols with. Configuring routing protocols with authentication prevents rogue routers from injecting fraudulent routes, directly mitigating man-in-the-middle attacks via route hijacking.

Sniffing

Question

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

Options

  • AMake sure that legitimate network routers are configured to run routing protocols with
  • BDisable all routing protocols and only use static routes
  • COnly using OSPFv3 will mitigate this risk.
  • DRedirection of the traffic cannot happen unless the admin allows it explicitly.

How the community answered

(36 responses)
  • A
    72% (26)
  • B
    6% (2)
  • C
    3% (1)
  • D
    19% (7)

Why each option

Configuring routing protocols with authentication prevents rogue routers from injecting fraudulent routes, directly mitigating man-in-the-middle attacks via route hijacking.

AMake sure that legitimate network routers are configured to run routing protocols withCorrect

Routing protocols such as OSPF, EIGRP, and RIP support MD5 or SHA-based neighbor authentication, ensuring that only routers with valid credentials can participate in route exchanges. A rogue router without the correct authentication key cannot advertise routes to legitimate routers, preventing it from redirecting traffic. This directly neutralizes the attacker's ability to perform a man-in-the-middle attack by inserting fraudulent routing information.

BDisable all routing protocols and only use static routes

Disabling all routing protocols and relying solely on static routes is operationally impractical in most enterprise networks and does not scale as a general security mitigation.

COnly using OSPFv3 will mitigate this risk.

OSPFv3 alone does not mitigate the attack - authentication must be explicitly configured on the routing protocol regardless of version to prevent rogue router participation.

DRedirection of the traffic cannot happen unless the admin allows it explicitly.

A rogue router physically attached to the network can advertise routes and redirect traffic without any explicit administrative permission, making this statement technically incorrect.

Concept tested: Routing protocol authentication to prevent rogue router attacks

Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16/iro-xe-16-book/iro-ospf-auth.html

Topics

#rogue router#man-in-the-middle#routing protocol authentication#network MITM

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice