What signal indicates a potential BGP hijack when monitoring for anomalies?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

What signal indicates a potential BGP hijack when monitoring for anomalies?

Explanation:
When monitoring for BGP hijacks, sudden changes in the AS_PATH for a prefix are the most telling signal. A hijacker typically announces the same prefix from a different origin AS or alters the path to draw traffic, which shows up as abrupt, unexpected updates to the AS_PATH and often as route instability. This kind of rapid path change stands out against normal, stable routing behavior. If routes stabilize and prefixes don’t change, that reduces suspicion of a hijack. Likewise, consistent ROA matches suggest the announcements align with authorized origins, making hijacking less likely. However, the hallmark anomaly to watch for is the quick, unexpected AS_PATH change that indicates a prefix being reachable through an unintended route.

When monitoring for BGP hijacks, sudden changes in the AS_PATH for a prefix are the most telling signal. A hijacker typically announces the same prefix from a different origin AS or alters the path to draw traffic, which shows up as abrupt, unexpected updates to the AS_PATH and often as route instability. This kind of rapid path change stands out against normal, stable routing behavior.

If routes stabilize and prefixes don’t change, that reduces suspicion of a hijack. Likewise, consistent ROA matches suggest the announcements align with authorized origins, making hijacking less likely. However, the hallmark anomaly to watch for is the quick, unexpected AS_PATH change that indicates a prefix being reachable through an unintended route.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy