Implementing Cisco Network Security (IINS, legacy) — Question 24

How can you mitigate DCE/RPC evasion techniques while allowing access to the DCE/RPC service?

Answer options

• A. Update the IPS signature for HTTPS to validate DCE/RPC connections
• B. Block suspicious hosts from DCE/RPC port 593
• C. Tunnel DCE/RPC traffic through GRE
• D. Configure the DCE/RPC preprocessor

Correct answer: B

Explanation

Blocking suspicious hosts from the DCE/RPC port 593 effectively mitigates potential evasion techniques by preventing unauthorized access. The other options either do not directly address evasion techniques or may complicate legitimate traffic without providing adequate protection.