GSEC Exam QuestionsBrowse all questions from this exam

GSEC Exam - Question 45


When considering ingress filtering, why should all inbound packets be dropped if they contain a source address from within the protected network address space?

Show Answer
Correct Answer: B

The reason for dropping all inbound packets containing a source address from within the protected network address space is primarily due to the risk of address spoofing. Deliberately spoofed packets by an attacker can pose a significant threat to the network's security, and such packets originating from the protected network address space indicate that an external source is pretending to be part of the internal network. This is captured by option B (The packets may be deliberately spoofed by an attacker) and C (The packets may have been accidentally routed onto the Internet). Therefore, the correct answer is B and C.

Discussion

1 comment
Sign in to comment
xzibOption: A
Jun 19, 2024

A. The packets are probably corrupted. B. The packets may have been accidentally routed onto the Internet. C. The packets may be deliberately spoofed by an attacker. D. The packets are a sign of excess fragmentation.