Crucial Exams

Certified Ethical Hacker (CEH) Practice Question

An organization wants the ISP to automatically stop large UDP amplification floods before the attack saturates the 1 Gbps access circuit. The ISP already supports both remotely triggered black-hole (RTBH) routing and BGP FlowSpec. Which mitigation technique should the organization request to block only the malicious packets while still allowing legitimate traffic to reach the target subnet?

  • Ask the ISP to deploy a BGP FlowSpec filter that matches the attack's UDP port and packet size.

  • Implement source-based RTBH that drops traffic from the spoofed reflection networks.

  • Inject a /32 null route via destination-based RTBH so the ISP discards all traffic to the victim host.

  • Activate host-based firewall rate limiting on the target server to throttle inbound UDP packets.

Certified Ethical Hacker (CEH)
Network and Perimeter Hacking
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot