Which practice is part of defensive interdomain routing during an hijack or DDoS?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

Which practice is part of defensive interdomain routing during an hijack or DDoS?

Explanation:
During a hijack or DDoS, the goal is to quickly verify route legitimacy and limit the spread of bogus paths across the Internet. The best defensive interdomain routing approach combines strict filtering, cryptographic validation, coordinated action with peers, proactive routing choices, and ongoing visibility. Strict inbound and outbound filtering prevents accepting or advertising prefixes that aren’t authorized, reducing the chance that a misrouted or malicious path propagates further. RPKI-based validation adds cryptographic origin verification, so you can discard routes that don’t have valid ROAs, cutting off invalid announcements from affecting traffic. Coordinating with peers is essential in interdomain routing because neighboring networks can apply harmonized filters and quickly implement mitigations, creating a safer overall routing environment. Switching to secure routes means prioritizing or forcing paths that are RO/RPKI-validated or otherwise considered trustworthy, and can include rerouting traffic away from compromised or congested links. Continuous monitoring provides real-time visibility into route changes and the effectiveness of mitigations, enabling rapid adjustments as the situation evolves. Disabling RPKI validation eliminates a key defense against invalid origins, making hijacks more likely to succeed. Ignoring peer communications wastes the opportunity for coordinated defense. Turning off monitoring leaves you blind to the attack’s progression and the impact of any mitigations.

During a hijack or DDoS, the goal is to quickly verify route legitimacy and limit the spread of bogus paths across the Internet. The best defensive interdomain routing approach combines strict filtering, cryptographic validation, coordinated action with peers, proactive routing choices, and ongoing visibility.

Strict inbound and outbound filtering prevents accepting or advertising prefixes that aren’t authorized, reducing the chance that a misrouted or malicious path propagates further. RPKI-based validation adds cryptographic origin verification, so you can discard routes that don’t have valid ROAs, cutting off invalid announcements from affecting traffic. Coordinating with peers is essential in interdomain routing because neighboring networks can apply harmonized filters and quickly implement mitigations, creating a safer overall routing environment. Switching to secure routes means prioritizing or forcing paths that are RO/RPKI-validated or otherwise considered trustworthy, and can include rerouting traffic away from compromised or congested links. Continuous monitoring provides real-time visibility into route changes and the effectiveness of mitigations, enabling rapid adjustments as the situation evolves.

Disabling RPKI validation eliminates a key defense against invalid origins, making hijacks more likely to succeed. Ignoring peer communications wastes the opportunity for coordinated defense. Turning off monitoring leaves you blind to the attack’s progression and the impact of any mitigations.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy