Which of the following features prevent attacks that consume CPU and memory resources? (Select 2 choices.)

Last Updated on August 3, 2021 by Admin 3

Which of the following features prevent attacks that consume CPU and memory resources? (Select 2 choices.)

  • CoPP
  • CPPr
  • CPU Threshold Notifications
  • Memory Threshold Notifications
Explanation:
Control Plane Policing (CoPP) and Control Plane Protection (CPPr) prevent attacks that consume CPU and memory resources. Both CoPP and CPPr use class maps to filter and ratelimit traffic. However, CPPr separates control plane traffic into three subinterfaces: the host subinterface, the transit subinterface, and the Cisco Express Forwarding (CEF)exception subinterface. For this reason, Cisco recommends that you use CPPr instead of CoPP whenever possible. To configure CPPr, you must perform the following steps:
– Create access control lists (ACLs) to identify traffic.
– Create a traffic class.
– Create a traffic policy, and associate the traffic class to the policy.
– Apply the policy to the specific control plane subinterface.
CoPP is similar to CPPr, except CoPP does not separate control plane traffic into three subinterfaces. To configure CoPP, you must perform the following steps:
– Create ACLs to identify traffic.
– Create a traffic class.
– Create a traffic policy, and associate the traffic class to the policy.
– Apply the policy to the control plane interface.

The host subinterface contains control plane IP traffic that is destined for a router interface, including traffic from the following sources and protocols:
– Terminating tunnels
– Secure Shell (SSH)
– Simple Network Management Protocol (SNMP)
– Internal Border Gateway Protocol (iBGP)
– Enhanced Interior Gateway Routing Protocol (EIGRP)
The transit subinterface contains control plane IP traffic that is traversing the router, including the following traffic:
– Nonterminating tunnel traffic
– Traffic that is softwareswitched by the route processor
The CEFexception subinterface contains control plane traffic redirected by CEF for process switching, including traffic from the following sources and protocols:
– NonIP hosts
– Address Resolution Protocol (ARP)
– External BGP (eBGP)
– Open Shortest Path First (OSPF)
– Label Distribution Protocol (LDP)
– Layer 2 keepalives

CPU Threshold Notifications and Memory Threshold Notifications do not prevent attacks that consume CPU and memory resources. However, these features can automatically send notifications if excessive CPU or memory consumption is detected. Excessive resource consumption could occur if CoPP or CPPr protection features have been circumvented or are misconfigured. Notifications are typically sent as SNMP trap messages.

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments