Cisco Certified Internetwork Expert (CCIE) Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Master the Cisco Certified Internetwork Expert Exam. Engage with our comprehensive questions and detailed explanations. Prepare effectively and achieve your certification goals!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

How does Scavenger-class QoS mitigate DoS and worm attacks?

  1. It matches traffic from individual hosts against the specific network characteristics of known attack types

  2. It sets an intrusion detection mechanism and applies the appropriate ACL when matching traffic is detected

  3. It monitors normal traffic flow and drops burst traffic above the normal rate for a single host

  4. It monitors normal traffic flow and aggressively drops sustained abnormally high traffic streams from multiple hosts

The correct answer is: It monitors normal traffic flow and aggressively drops sustained abnormally high traffic streams from multiple hosts

The choice that indicates monitoring normal traffic flow and aggressively dropping sustained abnormally high traffic streams from multiple hosts is correct because it highlights the proactive nature of Scavenger-class Quality of Service (QoS) in dealing with denial-of-service (DoS) and worm attacks. In network environments, Scavenger-class QoS is designed to handle excess or non-critical traffic, especially when under stress from potential attacks. By continuously monitoring the usual patterns of network traffic and identifying any significant deviations—such as an influx of simultaneous requests or the rapid generation of traffic from multiple sources—this method can help maintain overall network performance and usability. When a sudden spike in traffic is detected that exceeds normal thresholds, especially if that spike originates from a large number of hosts (a common characteristic of DoS and worm attacks), the system can take necessary actions to mitigate the impact. This involves aggressively dropping or limiting that excess traffic to ensure that legitimate traffic can continue to flow unhindered, thereby preserving network availability. The effectiveness of this approach lies in its ability to differentiate between regular traffic patterns and abnormal surges, enabling the QoS mechanisms to act swiftly in response to potential threats without requiring complex rules or individual host tracking. This helps in maintaining a robust defense against widespread

More Questions Like This