What can an administrator do to ensure that ICMP DoS attacks from the outside are mitigated as much as possible, without hampering connectivity tests initiated from the inside out?
- Create an access list permitting only echo reply and destination unreachable packets from the outside.
- Create an access list denying all ICMP traffic coming from the outside.
- Permit ICMP traffic from only known external sources.
- Create an access list with the established keyword at the end of the line.
Exam with this question: CCNA Discovery 3: DRSEnt Chapter 8 Exam