Remotely Triggered Black Hole Filtering: True Statements | CCIE Security Exam

Remotely Triggered Black Hole Filtering

Prev Question Next Question


Which three statements about remotely triggered black hole filtering are true? (Choose three.)



Click on the arrows to vote for the correct answer

A. B. C. D.


Remotely triggered black hole (RTBH) filtering is a technique used in network security to quickly mitigate the impact of a DDoS attack by filtering undesirable traffic at the network edge. Here are the statements that are true about RTBH filtering:

A. It filters undesirable traffic: This statement is true. RTBH filtering allows network administrators to drop traffic destined for a specific IP address or range of addresses at the network edge, preventing it from reaching the intended target. This technique is particularly useful in mitigating DDoS attacks, where a large volume of traffic is generated to overwhelm a target server or network.

B. It uses BGP or OSPF to trigger a network-wide remotely controlled response to attacks: This statement is also true. RTBH filtering can be triggered using BGP (Border Gateway Protocol) or OSPF (Open Shortest Path First) routing protocols to propagate a route with a null next-hop address. When this route is received by routers throughout the network, they will drop any traffic matching the specified destination address or prefix.

C. It provides a rapid-response technique that can be used in handling security-related events and incidents: This statement is true as well. RTBH filtering provides a quick and effective way to mitigate the impact of a DDoS attack or other security-related event by dropping unwanted traffic at the network edge. This can help reduce the time it takes to identify and respond to an attack, minimizing the impact on the targeted network or service.

D. It requires uRP: This statement is not true. There is no such thing as uRP (unidirectional routing protocol), at least not in the context of RTBH filtering. As mentioned earlier, RTBH filtering can be triggered using BGP or OSPF, which are both bidirectional routing protocols.