350-201(NEW-127Q) Question #7: Real Exam Question with Answer & Explanation

The correct answer is B. Configure TCP intercept mechanism.

Threat Defense

Question

A company has budget constraints that prevent it from buying dedicated DDoS prevention solutions, and a security engineer must strengthen the organization's security. The specific challenge is to optimize the settings on existing Cisco routers to defend against SYN flood attacks. Which recommendations should a security engineer suggest to enhance the organization's ability to defend against such types of attacks?

Options

  • A. Configure session timeouts
  • B. Configure TCP intercept mechanism.
  • C. Configure NAT
  • D. Configure Border Gateway Protocol

Explanation

TCP Intercept is the correct mechanism because it directly counters SYN flood attacks by intercepting incoming TCP SYN requests and completing the three-way handshake on behalf of the server - preventing half-open connections from overwhelming the target. Cisco routers support this natively, making it a cost-effective solution that requires no additional hardware.
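
A minimal router configuration for the mechanism described above, as an added example that is not part of the original question or taken from Cisco documentation. It assumes classic Cisco IOS syntax; ACL number 101, the 192.0.2.0/24 server subnet and the threshold values are constructed placeholders.

```cisco
! Constructed example: 192.0.2.0/24 stands in for the protected server subnet.
! Match only TCP traffic destined for the protected servers, so the router
! does not spend intercept resources on unrelated flows.
access-list 101 permit tcp any 192.0.2.0 0.0.0.255
!
! Apply TCP Intercept to connections that match ACL 101.
ip tcp intercept list 101
!
! intercept mode: the router answers the client's SYN itself and opens the
! server-side connection only after the client completes the handshake.
! (watch mode instead passes SYNs through and resets connections that do
! not complete within the watch timeout.)
ip tcp intercept mode intercept
!
! Aggressive-mode thresholds (illustrative values): above "high" the router
! starts dropping half-open connections; it returns to normal below "low".
ip tcp intercept max-incomplete high 1100
ip tcp intercept max-incomplete low 900
ip tcp intercept one-minute high 1100
ip tcp intercept one-minute low 900
!
! While in aggressive mode, drop the oldest half-open connection for each
! new SYN that arrives.
ip tcp intercept drop-mode oldest
!
! Verify from privileged EXEC mode:
!   show tcp intercept connections
!   show tcp intercept statistics
```

Thresholds should be tuned against the normal connection rate of the protected servers, since values set too low will drop legitimate half-open connections during ordinary traffic peaks.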

Why the distractors are wrong:

  • A (Session timeouts): Timeouts passively clean up stale connections after the fact but don't stop the flood from consuming resources in real time.
  • C (NAT): NAT translates IP addresses between networks; it has no logic to detect or mitigate half-open TCP connections.
  • D (BGP): BGP is a routing protocol for exchanging routes between autonomous systems - it operates at Layer 3 routing, not connection-level traffic filtering.

Memory tip: Match the attack to the protocol - SYN floods exploit TCP, so look for the answer that says TCP Intercept. If the answer contains the name of the protocol being attacked, that's your clue.

Topics

#TCP Intercept #SYN Flood Prevention #DDoS Mitigation #Cisco Routers
