Security Considerations for Configuring Lawful Intercept on Internet Facing Routers

Security Issues and Lawful Intercept Configuration for Internet Facing Routers

Question

An engineer is tasked with configuring Lawful Intercept on the internet facing routers.

Which two security issues must the engineer take into consideration? (Choose two.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

DE.

Lawful Intercept is a process in which authorized law enforcement agencies can monitor the communication of certain individuals or groups for the purpose of investigating and preventing crime. When configuring Lawful Intercept on internet-facing routers, the engineer needs to consider security issues to ensure that the process is conducted in a secure and reliable manner. The two security issues that the engineer should consider are:

  1. Encryption might be required depending on the request (Option B): The intercepted traffic may contain sensitive information, such as personal data, trade secrets, or classified information. Therefore, the communication between the Lawful Intercept Management Device (MD) and the Content IAP (Intercept Access Point) should be encrypted to prevent unauthorized access or interception. Depending on the request, the encryption level may vary, and the engineer should ensure that the encryption is compatible with the hardware and software of the routers and the MD.

  2. QoS and CoPP should be implemented to protect and optimize the tasks (Option F): The Lawful Intercept process may generate a significant amount of traffic and impose a high load on the routers. Therefore, the engineer should implement Quality of Service (QoS) and Control Plane Policing (CoPP) to prioritize and protect the Lawful Intercept traffic and prevent it from affecting the normal traffic or causing denial-of-service attacks. QoS ensures that the Lawful Intercept traffic is given higher priority and bandwidth than the other traffic, while CoPP limits the rate and size of the packets sent to the router's control plane to prevent buffer overflow and CPU exhaustion.

The other options in the list are incorrect:

A. A new and dedicated loopback interface is required to communicate with the MD device. This option is incorrect because a loopback interface is not required to communicate with the MD device. The MD device can communicate with the router's physical interface, which is connected to the Content IAP.

C. SNMPv2c should be enabled in order to provide the correct message format. This option is incorrect because SNMP (Simple Network Management Protocol) is not used for Lawful Intercept. SNMP is a protocol used for network management and monitoring, while Lawful Intercept is a security feature used for law enforcement.

D. Default SNMP does not include all the MIB references needed to respond to the request. This option is incorrect for the same reason as option C.

E. The communication between the MD and the Content IAP happens over UDP port 161. This option is incorrect because UDP port 161 is used for SNMP, not for Lawful Intercept. Lawful Intercept uses its own set of protocols and ports, which may vary depending on the specific implementation and configuration.