Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?

Which Cisco feature can help mitigate spoofing attacks by verifying symmetry of the traffic path?
A . Unidirectional Link Detection
B . Unicast Reverse Path Forwarding
C . TrustSec
D . IP Source Guard

View Answer

Answer: B

Explanation:

Unicast Reverse Path Forwarding (uRPF) can mitigate spoofed IP packets. When this feature is enabled on an interface, as packets enter that interface the router spends an extra moment considering the source address of the packet. It then considers its own routing table, and if the routing table does not agree that the interface that just received this packet is also the best egress interface to use for forwarding to the source address of the packet, it then denies the packet. This is a good way to limit IP spoofing.

Source: Cisco Official Certification Guide, Table 10-4 Protecting the Data Plane, p.270