A network administrator configures uRPF on a Cisco router interface with the ip verify unicast source reachable-via rx allow-default command to eliminate spoofed IP packets on a network. Which conclusion can be drawn from this configuration?

A network administrator configures uRPF on a Cisco router interface with the ip verify unicast source reachable-via rx allow-default command to eliminate spoofed IP packets on a network. Which conclusion can be drawn from this configuration?

• The security feature uRPF is configured with loose mode, and the route for return traffic is chosen based on a default route.
• The security feature uRPF is configured with strict mode ,and the return path is associated with an interface chosen based on a default route.
• The security feature uRPF is configured with loose mode, and return traffic will take a route other than one based on a default route.
• The security feature uRPF is configured with strict mode, and the return path is associated with an interface other than a default route.

Explanation: The uRPF configuration is applied on an interface-by-interface basis with the ip verify unicast source reachable-via { rx | any } [ allow-default ] [ allow-self-ping ] [list ] command. For strict mode, the rx option should be used, and for loose mode the any option should be used. The allow-default option is used when the return path is associated with an interface that is chosen based on a default route.

Exam with this question: CCNP Enterprise: Advanced Routing (Version 8.0) – Infrastructure Security and Management Exam