Securing the Data Plane in IPv6

Question 1

Can these numbers 2345, 3456 be valid first four characters of a globally routable IPv6 address?

Answer 1

Yes

Question 2

What are the valid first four characters of a link-local address?

Answer 2

FE80

Question 3

What is the default method for determining the interface ID for a link-local address on ethernet?

Answer 3

EUI-64

Question 4

How many groups of four hexadecimal characters does an IPv6 address contain?

Answer 4

8

Question 5

Which routing protocols have both an IPv4 and IPv6 version?

Answer 5

RIP, EIGRP, OSPF

Question 6

Which best practices apply to networks that run both IPv4 and IPv6?

Answer 6

Physical security, Routing protocol authentication, Authorization of administrators, Written security policy

Question 7

Which protocols, if abused, could impair an IPv6 network, but not IPv4?

Answer 7

NDP, Solicited node multicast addresses

Question 8

If a rogue IPv6 router is allowed on the network, which information could be incorrectly delivered to the clients on that network?

Answer 8

IPv6 default gateway, IPv6 DNS server, IPv6 network address

Question 9

Why is tunneling any protocol (including IPv6) through another protocol a security risk?

Answer 9

The innermost contents of the original packets may be hidden from normal security filters, The tunnels, if they extend beyond the network perimeter, may allow undesired traffic through the tunnel

Question 10

What is one method to protect against a rogue IPv6 router?

Answer 10

RA guard