nerdexam
EC-Council

312-50V9 · Question #303

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can

The correct answer is B. Make sure that legitimate network routers are configured to run routing protocols with. A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.

Sniffing

Question

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

Options

  • AOnly using OSPFv3 will mitigate this risk.
  • BMake sure that legitimate network routers are configured to run routing protocols with
  • CRedirection of the traffic cannot happen unless the admin allows it explicitly.
  • DDisable all routing protocols and only use static routes.

How the community answered

(29 responses)
  • A
    3% (1)
  • B
    83% (24)
  • C
    3% (1)
  • D
    10% (3)

Why each option

A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.

AOnly using OSPFv3 will mitigate this risk.

OSPFv3 by itself does not prevent rogue routers - authentication must be explicitly enabled regardless of which OSPF version is used.

BMake sure that legitimate network routers are configured to run routing protocols withCorrect

Configuring routing protocols with authentication (such as MD5 for OSPF, EIGRP, or BGP) ensures that routing updates are accepted only from verified, legitimate routers. Without authentication, a rogue router can freely advertise false routes and divert traffic through the attacker's device. This is the primary and standard mitigation against rogue router man-in-the-middle attacks.

CRedirection of the traffic cannot happen unless the admin allows it explicitly.

Traffic redirection via routing protocols can occur without admin permission if routers lack authentication, making this statement technically incorrect.

DDisable all routing protocols and only use static routes.

Disabling all routing protocols and using only static routes is operationally impractical in most networks and is not a scalable or standard security mitigation.

Concept tested: Routing protocol authentication against rogue routers

Source: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol/13721-43.html

Topics

#rogue router#man-in-the-middle#routing protocols#network security

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice