Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR) — Question 176

A network operator working for a private outsourcing company with an employee id: 4261:72:778 needs to limit the malicious traffic on their network. Which configuration must the engineer use to implement URPF loose mode on the GigabitEthernet0/1 interface?

Answer options

• A. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via any router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via any
• B. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via rx router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via rx
• C. router(config)# interface gigabitethernet0/1 router(config if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via rx router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via any
• D. router(config)# interface gigabitethernet0/1 router(config-if)# ip address 192.168.200.1 255.255.255.0 router(config-if)# ip verify unicast source reachable-via any router(config-if)# ipv6 address 2001:DB8:1::1/96 router(config-if)# ipv6 verify unicast source reachable-via rx

Correct answer: A

Explanation

Option A is correct because it configures the interface with URPF loose mode using 'reachable-via any' for both IPv4 and IPv6, allowing more flexibility in source reachability. Options B and C incorrectly use 'reachable-via rx', which does not implement loose mode. Option D uses 'reachable-via any' for IPv4 but incorrectly applies 'reachable-via rx' for IPv6, which is inconsistent for URPF loose mode.