EC-Council
312-50V9 · Question #303
312-50V9 Question #303: Real Exam Question with Answer & Explanation
The correct answer is B: Make sure that legitimate network routers are configured to run routing protocols with. A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.
Question
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
Options
- AOnly using OSPFv3 will mitigate this risk.
- BMake sure that legitimate network routers are configured to run routing protocols with
- CRedirection of the traffic cannot happen unless the admin allows it explicitly.
- DDisable all routing protocols and only use static routes.
Explanation
A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.
Common mistakes.
- A. OSPFv3 by itself does not prevent rogue routers - authentication must be explicitly enabled regardless of which OSPF version is used.
- C. Traffic redirection via routing protocols can occur without admin permission if routers lack authentication, making this statement technically incorrect.
- D. Disabling all routing protocols and using only static routes is operationally impractical in most networks and is not a scalable or standard security mitigation.
Concept tested. Routing protocol authentication against rogue routers
Reference. https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol/13721-43.html
Community Discussion
No community discussion yet for this question.