CiscoCisco
350-601 · Question #420
350-601 Question #420: Real Exam Question with Answer & Explanation
Sign in or unlock 350-601 to reveal the answer and full explanation for question #420. The question stem and answer options stay visible for context.
Security
Question
An engineer must implement protection against ICMP DoS attacks on a Cisco Nexus 9000 Series Switch. The requirement is to rate-limit ICMP without denying all other ICMP traffic. The ICMP trafic currently passing through the Cisco Nexus 9000 device must not be affected. Which configuration accomplishes these goals?
Options
- AConfigure SNMP traps to send the ICMP notification if the CPU utilization is more than 90%.
- BReconfigure the Layer 3 interfaces to be in the non-default VRF and ICMP broadcast storm
- CCreate an access list to deny ICMP traffic and apply it to all interlaces in the inside direction.
- DApply a control plane service policy that matches all ICMP traffic to drop the traffic fiat exceeds
Unlock 350-601 to see the answer
You've previewed enough free 350-601 questions. Unlock 350-601 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Control Plane Policing (CoPP)#DoS Protection#ICMP Rate Limiting#Cisco Nexus Security