Which two statements about uRPF are true?

Which two statements about uRPF are true? (Choose two.)
A. The administrator can configure the allow-default command to force the routing table to use only the default route
B. It is not supported on the Cisco ASA security appliance.
C. The administrator can configure the ip verify unicast source reachable-via any command to enable the RPF check to work routing groups.
D. The administrator can use the show cef interface command to determine whether uRPF is enabled
E. In strict mode, only one routing path can be available to reach network devices on a subnet

cisco-exams

2 thoughts on “Which two statements about uRPF are true?

  1. I would go with DE.

    A is incorrect – Read this from Cisco docs:
    https://www.cisco.com/c/en/us/about/security-center/unicast-reverse-path-forwarding.html

    “When administrators use Unicast RPF in loose mode, the source address must appear in the routing table. Administrators can change this behavior using the allow-default option, which allows the use of the default route in the source verification process. ”
    allow-default only helps with verification process and does NOT alter the routing table!

    I would go with E: Strict mode:
    “Unicast RPF in strict mode, the packet must be received on the interface that the router would use to forward the return packet.”

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.