Juniper
JN0-1330 · Question #35
JN0-1330 Question #35: Real Exam Question with Answer & Explanation
Sign in or unlock JN0-1330 to reveal the answer and full explanation for question #35. The question stem and answer options stay visible for context.
Question
Click the Exhibit button. Referring to the network shown in the exhibit, a SYN flood attacks is initiated by an attacker that has a public IP address from ISP B within the 200.200.10.0/24 prefix. The attacker is sending SYN packets to the victim, connected to ISP A, with destination address of 100.100.31.78 using spoofed source addresses at random from the 192.168.0.0/16 prefix. Which two design best practices would prevent this attack from working? (Choose two.)
Exhibit
Options
- AISP A should implement an ingress firewall filter on router R2 to discard traffic originating from the
- BISP A should implement an ingress firewall filter on router R3 to discard traffic originating from the
- CISP A should implement an ingress firewall filter on router R3 to discard traffic originating from the
- DISP B should implement an ingress firewall filter on the router R5 interface connecting to the attacker
Unlock JN0-1330 to see the answer
You've previewed enough free JN0-1330 questions. Unlock JN0-1330 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.