H2+ Variation in Section 4.1

I just got a message from my friend, he took exam in last week and got H2+, he said with me in section 4.1, Cisco was asked as below:

Configure the network as per the following requirements:
• Protect R17’s control-plane from TTL expiry attacks so that match IP packets with a TTL of 0 or 1 are dropped before the CPU processes them.
• Legit packets include expected control protocols running on the link.
• Not allowed to configure “deny” statement.

Any I deal about this situation? Please share.

Quote:

---

Originally Posted by Nobita

I just got a message from my friend, he took exam in last week and got H2+, he said with me in section 4.1, Cisco was asked as below:

Configure the network as per the following requirements:
• Protect R17’s control-plane from TTL expiry attacks so that match IP packets with a TTL of 0 or 1 are dropped before the CPU processes them.
• Legit packets include expected control protocols running on the link.
• Not allowed to configure “deny” statement.

Any I deal about this situation? Please share.

---

That is my solution for this variation

**Hidden Content: Thanks to see the content**

Thank for sharing.

Quote:

---

Originally Posted by Robin

That is my solution for this variation

***Hidden content cannot be quoted.***

---

Thanks, any ideals if Cisco ask: Not allowed to configure “permit” statement

Quote:

---

Originally Posted by Nobita

Thanks, any ideals if Cisco ask: Not allowed to configure “permit” statement

---

some guys just mentioned about this statement. but from my view, I don't think: there is a solution for this statement. anyone have ideal about this case?

Thanks for sharing

Thanks for sharing

Quote:

---

Originally Posted by Robin

That is my solution for this variation

***Hidden content cannot be quoted.***

---

Thanks for solution.

thanks for sharing

Thanks for solution. !!