312-50V11 · Question #225
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can
The correct answer is A. Make sure that legitimate network routers are configured to run routing protocols with. Configuring routing protocols with authentication prevents rogue routers from injecting fraudulent routes, directly mitigating man-in-the-middle attacks via route hijacking.
Question
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
Options
- AMake sure that legitimate network routers are configured to run routing protocols with
- BDisable all routing protocols and only use static routes
- COnly using OSPFv3 will mitigate this risk.
- DRedirection of the traffic cannot happen unless the admin allows it explicitly.
How the community answered
(36 responses)- A72% (26)
- B6% (2)
- C3% (1)
- D19% (7)
Why each option
Configuring routing protocols with authentication prevents rogue routers from injecting fraudulent routes, directly mitigating man-in-the-middle attacks via route hijacking.
Routing protocols such as OSPF, EIGRP, and RIP support MD5 or SHA-based neighbor authentication, ensuring that only routers with valid credentials can participate in route exchanges. A rogue router without the correct authentication key cannot advertise routes to legitimate routers, preventing it from redirecting traffic. This directly neutralizes the attacker's ability to perform a man-in-the-middle attack by inserting fraudulent routing information.
Disabling all routing protocols and relying solely on static routes is operationally impractical in most enterprise networks and does not scale as a general security mitigation.
OSPFv3 alone does not mitigate the attack - authentication must be explicitly configured on the routing protocol regardless of version to prevent rogue router participation.
A rogue router physically attached to the network can advertise routes and redirect traffic without any explicit administrative permission, making this statement technically incorrect.
Concept tested: Routing protocol authentication to prevent rogue router attacks
Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16/iro-xe-16-book/iro-ospf-auth.html
Topics
Community Discussion
No community discussion yet for this question.