Which of the following is the BEST solution?

– by 8

A network engineer is upgrading the network perimeter and installing a new firewall, IDS, and external edge router. The IDS is reporting elevated UDP traffic, and the internal routers are reporting high utilization. Which of the following is the BEST solution?
A. Reconfigure the firewall to block external UDP traffic.
B. Establish a security baseline on the IDS.
C. Block echo reply traffic at the firewall.
D. Modify the edge router to not forward broadcast traffic.

How to PASS CAS-004 in First Attempt?

FULL Printable PDF and Software. VALID exam to help you PASS.
comptia-exams

8 thoughts on “Which of the following is the BEST solution?

  1. I think as you are installing a lot of new gear you first need a baseline to work forwards from…

    2
    Reply

  2. I was solidly on D until I found this on Cisco’s site.

    “UDP broadcast packets are used by TCP/IP protocols such as DHCP and applications that need to send the same data to multiple hosts concurrently. Because routers by default do not forward broadcast packets you need to customize your router’s configuration if your network has UDP broadcast traffic on it.”
    cisco com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt-book/iap-bph html

    You wouldn’t want to block ALL external UDP traffic either.

    I’m thinking B is correct.

    1
    Reply

  3. B – you are installing a NEW IDS, Firewall and edge router –
    IDS – detecting UDP –
    Internal routers reporting High utilization

    This could simply be everything coming back up – DHCP causing an internal broadcast storm for example. You just don’t know yet.

    D – Edge routers don’t forward broadcast traffic by default
    C – block echo – this is good – but ICMP is nether udp or tcp – so I dont think this is it.
    A – I don’t think you want to arbitrarily block UDP traffic – that would shut a lot of good stuff down.

    1
    Reply

    1. haha you think that could really be it?? It seems so obvious in a way. I may have to reevaluate this…

      Reply

    1. I wish it would give more information because I still consider A. Reconfigure the firewall to block external UDP traffic. an option but I guess D would be the BEST solution ??

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.