CAS-002 · Question #336
CAS-002 Question #336: Real Exam Question with Answer & Explanation
The correct answer is A: Investigate the network traffic and block UDP port 3544 at the firewall. The 2001::/32 prefix is used for Teredo tunneling. Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. Unlike similar protocols, it can perform its function even
Question
Options
- AInvestigate the network traffic and block UDP port 3544 at the firewall
- BRemove the system from the network and disable IPv6 at the router
- CLocate and remove the unauthorized 6to4 relay from the network
- DDisable the switch port and block the 2001::/32 traffic at the firewall
Explanation
The 2001::/32 prefix is used for Teredo tunneling. Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. Unlike similar protocols, it can perform its function even from behind network address translation (NAT) devices such as Teredo provides IPv6 (Internet Protocol version 6) connectivity by encapsulating IPv6 datagram packets within IPv4 User Datagram Protocol (UDP) packets. Teredo routes these datagrams on the IPv4 Internet and through NAT devices. Teredo nodes elsewhere on the IPv6 network (called Teredo relays) receive the packets, decapsulate them, and pass them on. The Teredo server listens on UDP port 3544. Teredo clients are assigned an IPv6 address that starts with the Teredo prefix (2001::/32). In this question, the BEST course of action would be to block UDP port 3544 at the firewall. This will block the unauthorized communication. You can then investigate the traffic within the network.
Community Discussion
No community discussion yet for this question.