CCIE Practice Test 2025 – Complete Exam Prep Resource

The choice that indicates monitoring normal traffic flow and aggressively dropping sustained abnormally high traffic streams from multiple hosts is correct because it highlights the proactive nature of Scavenger-class Quality of Service (QoS) in dealing with denial-of-service (DoS) and worm attacks.

In network environments, Scavenger-class QoS is designed to handle excess or non-critical traffic, especially when under stress from potential attacks. By continuously monitoring the usual patterns of network traffic and identifying any significant deviations—such as an influx of simultaneous requests or the rapid generation of traffic from multiple sources—this method can help maintain overall network performance and usability.

When a sudden spike in traffic is detected that exceeds normal thresholds, especially if that spike originates from a large number of hosts (a common characteristic of DoS and worm attacks), the system can take necessary actions to mitigate the impact. This involves aggressively dropping or limiting that excess traffic to ensure that legitimate traffic can continue to flow unhindered, thereby preserving network availability.

The effectiveness of this approach lies in its ability to differentiate between regular traffic patterns and abnormal surges, enabling the QoS mechanisms to act swiftly in response to potential threats without requiring complex rules or individual host tracking. This helps in maintaining a robust defense against widespread