RFC 2827 Statements
Question
Which two statements about RFC 2827 are true? (Choose two.)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.BD.
RFC 2827 is a document that defines guidelines for filtering packets at the network edge to prevent IP address spoofing. IP spoofing occurs when a packet's source IP address is altered to appear to be from a different source. This technique can be used to carry out attacks such as denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks.
Here are the two true statements about RFC 2827:
A. RFC 2827 defines egress packet filtering to safeguard against IP spoofing.
Egress filtering refers to the filtering of packets leaving a network. RFC 2827 recommends that egress filtering be used to prevent packets with spoofed IP addresses from leaving the network. This can be achieved by configuring edge routers to filter outbound traffic and drop packets with source addresses that are not assigned to the network.
B. A corresponding practice is documented by the IETF in BCP 38.
Best Current Practice (BCP) 38 is a document published by the Internet Engineering Task Force (IETF) that describes a set of recommendations for preventing IP spoofing. BCP 38 is based on RFC 2827 and provides guidance on implementing egress filtering and ingress filtering at the network edge.
C, D, and E are false statements because:
C. RFC 2827 does not define ingress packet filtering for multihomed networks.
Ingress filtering refers to the filtering of packets entering a network. While RFC 2827 recommends the use of ingress filtering to prevent IP spoofing, it does not specifically address ingress filtering for multihomed networks.
D. RFC 2827 does not define ingress packet filtering to defeat DoS attacks using IP spoofing.
While ingress filtering can be used to prevent DoS attacks that rely on IP spoofing, RFC 2827 does not define this technique as a way to defeat DoS attacks. Rather, it recommends egress filtering to prevent packets with spoofed IP addresses from leaving the network.
E. A corresponding practice is not documented by the IETF in BCP 84.
BCP 84 is a document published by the IETF that describes best current practices for filtering IPv6 packets. It does not specifically address IP spoofing or provide recommendations for preventing it.
