ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 500-490 All Questions

View all questions & answers for the 500-490 exam
Go to Exam

Exam 500-490 topic 1 question 3 discussion

Actual exam question from Cisco's 500-490
Question #: 3
Topic #: 1
[All 500-490 Questions]

Which two statements regarding Cisco SD-WAN vEdge routers can mitigate DoS attacks against the infrastructure? (Choose two.)

  • A. Open Certificate Authority and automated enrollment feature.
  • B. By default, all incoming traffic is denied at the transport (WAN) side interfaces.
  • C. Only authorized controllers are allowed to communicate back to the vEdge router after the vEdge router establishes connections with the controllers.
  • D. In case of direct Internet access, the only traffic allowed back is the traffic matching the state table entries on the vEdge router.
  • E. The vEdge routers run on hardened Linux operating systems.
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by Marcorick at June 18, 2021, 9:55 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GSouza
7 months, 3 weeks ago
Selected Answer: CE
Slide 86 or video Cisco SD-WAN: Reinventing WAN Security-Partner - Video below @3:58 he says: "Building on the principles of zero-trust, vEdge routers provide effective barrier to prevent denial of service attacks against the infrastructure. vEdge routers are locked down appliances that run on a hardened Linux operating system..." and "...As the vEdge router reaches out to controllers and establishes TLS/DTLS connection, it automatically adjusts the kernel level filters to allow this traffic back into the router. Only authorized controllers are allowed to communicate back to the vEdge router..." https://salesconnect.cisco.com/sc/s/learning-activity-from-plan?ltui__urlRecordId=a1O8c00000BDOt0EAH&ltui__urlRedirect=learning-activity-from-plan&ltui__parentUrl=learning-plan-detail-standard
upvoted 1 times
...
TMe392
1 year, 6 months ago
Selected Answer: CD
based on BRKRST-2377.pdf
upvoted 1 times
...
kejvi
2 years ago
Selected Answer: CD
vEdge runs Viptela OS, not linux
upvoted 1 times
...
MyKasala
2 years, 9 months ago
Selected Answer: CD
Correct: C&D
upvoted 1 times
...
DeviantSpy
3 years, 2 months ago
Selected Answer: CD
Agreeing with some others.
upvoted 1 times
...
aliG
3 years, 8 months ago
B & E?
upvoted 1 times
...
helpmmg
3 years, 9 months ago
C & D: Only traffic that matches NAT table entries allowed back in. This is predicated on the fact the traffic originated on internal, trusted, vEdge routers.
upvoted 3 times
sat_be
3 years, 7 months ago
See here, Page 31: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKRST-2377.pdf
upvoted 2 times
...
...
Marcorick
3 years, 10 months ago
BC is the correct answer
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago