JNCIP-SP: Juniper Networks Certified Professional – Service Provider (2023) — Question 56

Which statement is true regarding BGP FlowSpec?

Answer options

• A. It is used to protect a network from denial-of-service attacks dynamically.
• B. It uses dynamically created routing policies to protect a network from denial-of-service attacks.
• C. It uses a remote triggered black hole to protect a network from a denial-of-service attack.
• D. It verifies that the source IP of the incoming packet has a resolvable route in the routing table.

Correct answer: A

Explanation

The correct answer A highlights that BGP FlowSpec is specifically designed to dynamically protect networks from denial-of-service attacks. Options B and C incorrectly suggest that FlowSpec relies on specific routing policies or a remote triggered black hole, while option D is unrelated, as it pertains to route verification rather than attack prevention.