Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Cisco Exam 400-007 Topic 9 Question 37 Discussion

Actual exam question for Cisco's 400-007 exam

Question #: 37
Topic #: 9

[All 400-007 Questions]

A network hacker is trying to interrupt the transport packet on IPSEC. A packet with duplicate sequence numbers is introduced. The customer sends high-priority traffic during this window. Which design parameter should be considered to mitigate this issue?

AClassify and Mark duplicate sequence packets.

BApply anti-replay window 4096.

CRestrict keywork in IPSEC Tunnel.

DIncrease QoS shape policy.

Show Suggested Answer

Suggested Answer: B

by Heike at Apr 20, 2024, 02:36 PM

Limited Time Offer

25%

Off

Get Premium 400-007 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Refugia

5 months ago

I believe restricting keywork in the IPSEC Tunnel could also be a good way to mitigate this issue.

upvoted 0 times

...

Lauryn

5 months ago

But wouldn't it be better to classify and mark duplicate sequence packets instead?

upvoted 0 times

...

Roslyn

5 months ago

I agree with the anti-replay window can help prevent duplicate sequence numbers causing trouble.

upvoted 0 times

...

Beckie

5 months ago

I think we should definitely consider the anti-replay window 4096 to mitigate this issue.

upvoted 0 times

...

Twila

5 months ago

Let's implement these changes as soon as possible to prevent any disruptions.

upvoted 0 times

...

Michell

5 months ago

Agreed, all these measures combined should improve the security of our network.

upvoted 0 times

...

Lashandra

5 months ago

It might be necessary to ensure high-priority traffic is not affected.

upvoted 0 times

...

Ahmed

5 months ago

Should we increase the QoS shape policy as well?

upvoted 0 times

...

Twila

5 months ago

That could also help in mitigating this issue.

upvoted 0 times

...

Michell

6 months ago

What about restricting keywork in IPSEC Tunnel?

upvoted 0 times

...

Lashandra

6 months ago

Yes, that would be a good additional measure.

upvoted 0 times

...

Ahmed

6 months ago

Should we also classify and mark duplicate sequence packets?

upvoted 0 times

...

Twila

6 months ago

We should apply anti-replay window 4096.

upvoted 0 times

...

Lashandra

6 months ago

What design parameter should we consider to mitigate duplicate sequence packets on IPSEC?

upvoted 0 times

Angelyn

5 months ago

C) Restrict keywork in IPSEC Tunnel.

upvoted 0 times

...

Jade

5 months ago

B) Apply anti-replay window 4096.

upvoted 0 times

...

Flo

5 months ago

A) Classify and Mark duplicate sequence packets.

upvoted 0 times

...

...

az-700 pass4success az-104 200-301 200-201 cissp 350-401 350-201 350-501 350-601 350-801 350-901 az-720 az-305 pl-300

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77