Which option best describes how to avoid private networks from being advertised on the internet?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

Which option best describes how to avoid private networks from being advertised on the internet?

Explanation:
Preventing leakage of private address spaces into the global internet is achieved by ensuring RFC1918 prefixes are not advertised through your routing system. The best approach is to remove or filter route advertisements for these private prefixes before they reach upstream providers. In practice, you implement BGP filtering with prefix-lists or route-maps to deny announcements of 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. This stops other networks from learning those private routes, reducing misrouting and exposure. NAT translates private addresses to public ones for traffic leaving your network, but it does not inherently prevent the routing system from advertising private space if misconfigurations occur. Placing private networks behind proxy servers addresses access patterns rather than routing advertisements. Using registered public addresses would require exposing private networks publicly, which is the opposite of the goal.

Preventing leakage of private address spaces into the global internet is achieved by ensuring RFC1918 prefixes are not advertised through your routing system. The best approach is to remove or filter route advertisements for these private prefixes before they reach upstream providers. In practice, you implement BGP filtering with prefix-lists or route-maps to deny announcements of 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. This stops other networks from learning those private routes, reducing misrouting and exposure.

NAT translates private addresses to public ones for traffic leaving your network, but it does not inherently prevent the routing system from advertising private space if misconfigurations occur. Placing private networks behind proxy servers addresses access patterns rather than routing advertisements. Using registered public addresses would require exposing private networks publicly, which is the opposite of the goal.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy