Why should networks advertise only ROA-covered prefixes to peers?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

Why should networks advertise only ROA-covered prefixes to peers?

Explanation:
ROA-based validation uses Route Origin Authorizations to cryptographically authorize which origin AS is allowed to announce a prefix and up to what length. When peers enable this validation, they will accept a route only if it is covered by a valid ROA. By advertising only ROA-covered prefixes, you ensure that remote validators can pass the route’s origin checks, and you minimize the chance that legitimate routes are blocked while also reducing the exposure to invalid or hijacked routes. In short, it strengthens trust in the routing path by aligning announcements with what ROAs authorize, improving both security and stability.

ROA-based validation uses Route Origin Authorizations to cryptographically authorize which origin AS is allowed to announce a prefix and up to what length. When peers enable this validation, they will accept a route only if it is covered by a valid ROA. By advertising only ROA-covered prefixes, you ensure that remote validators can pass the route’s origin checks, and you minimize the chance that legitimate routes are blocked while also reducing the exposure to invalid or hijacked routes. In short, it strengthens trust in the routing path by aligning announcements with what ROAs authorize, improving both security and stability.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy