What is the impact of a persistent BGP hijack and how can you recover?

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

What is the impact of a persistent BGP hijack and how can you recover?

Explanation:
A persistent BGP hijack means the attacker keeps announcing prefixes you own, so routers continue to send your traffic to the attacker instead of your legitimate origin. Because those fraudulent routes persist, users experience ongoing misrouting, which can lead to traffic interception, data leakage, modification, denial of service, or loss of reachability until the hijack is fixed.

Recovery centers on removing the hijack and reestablishing normal routing. Withdraw the malicious announcements and ensure upstreams and peers stop propagating them, then re-advertise your prefixes from the legitimate origin AS. Strengthen defenses to prevent recurrence by applying strict BGP filtering at peering points, using RPKI-based origin validation (and IRR data) to drop illegitimate origins, and ensuring your prefix announcements are tightly controlled. Coordinate with upstream providers and peers to purge the hijacked routes from their views and restore the correct path to your network. After restoration, monitor routing and traffic to confirm convergence to the proper path, and review incident handling to improve future resilience.