After an external IT audit, to mitigate DDoS attacks, which countermeasure would you implement?


Multiple Choice


Explanation:
Directed broadcasts can be abused to fuel DDoS attacks through reflection and amplification, the classic example being the Smurf attack. When a router forwards directed broadcasts, an attacker sends ICMP echo requests whose source address is spoofed to the victim's address to the broadcast address of a subnet (for example 10.1.0.255 on 10.1.0.0/24). Every host on that subnet that answers sends its echo reply to the victim, so one packet from the attacker becomes up to one reply per host, massively increasing the traffic directed at the target.

Disabling directed broadcasts on the router closes that amplification path: packets addressed to a subnet's broadcast address are no longer forwarded in from outside, so the subnet's hosts cannot be used as reflectors. Hosts can additionally be configured to ignore broadcast echo requests, and ingress filtering of spoofed source addresses removes the attacker's ability to impersonate the victim, but the countermeasure the question is looking for is disabling directed broadcasts.

Enabling or disabling BGP does not address this mechanism. BGP is the routing protocol between autonomous systems; it neither stops spoofed traffic nor prevents reflection-based floods. So the correct countermeasure in this scenario is to disable directed broadcasts, which removes this DDoS vector.
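As an added example (not part of the exam explanation), the following Python check flags the Smurf pattern in flow records: ICMP echo requests whose destination is the directed-broadcast address of an internal subnet and whose source lies outside that subnet, which is exactly the spoofed traffic that forwarded directed broadcasts let through. The subnet list and the flow records are constructed for illustration, and the worst-case reply count assumes every usable host on the subnet answers.

```python
"""Flag Smurf-style reflection traffic in flow records.

Added example, not code from the original page. The subnets and
flow records below are constructed for illustration.
"""
import ipaddress
from collections import Counter

ICMP_ECHO_REQUEST = 8  # ICMP type 8; echo reply is type 0

# Constructed: the internal subnets an edge router forwards into.
INTERNAL_SUBNETS = [
    ipaddress.ip_network("10.1.0.0/24"),
    ipaddress.ip_network("10.2.0.0/25"),
]

# Constructed sample flow log: (src, dst, icmp_type, packet count)
SAMPLE_FLOWS = [
    ("203.0.113.9", "10.1.0.255", 8, 500),   # spoofed victim -> directed broadcast
    ("10.1.0.7", "10.1.0.255", 8, 3),        # local host pinging its own broadcast
    ("198.51.100.4", "10.2.0.127", 8, 200),  # second reflector subnet
    ("198.51.100.4", "10.2.0.5", 8, 10),     # ordinary unicast ping
    ("203.0.113.9", "10.1.0.255", 0, 2),     # echo reply, not a request
]


def broadcast_subnet(dst, subnets):
    """Return the subnet whose directed-broadcast address is dst, or None."""
    addr = ipaddress.ip_address(dst)
    for net in subnets:
        if addr == net.broadcast_address:
            return net
    return None


def find_smurf_candidates(flows, subnets=INTERNAL_SUBNETS):
    """Return [(victim_src, subnet, requests, max_replies)] for flows that look
    like Smurf reflection: an echo request to a directed-broadcast address whose
    source is outside that subnet. A genuine host on the subnet never arrives
    from outside it, so the source address is almost certainly spoofed and
    names the real victim."""
    hits = []
    for src, dst, icmp_type, count in flows:
        if icmp_type != ICMP_ECHO_REQUEST:
            continue
        net = broadcast_subnet(dst, subnets)
        if net is None or ipaddress.ip_address(src) in net:
            continue
        # Worst case: every usable host (all but network and broadcast
        # addresses) answers each request, so the amplification factor is
        # the number of usable hosts.
        usable_hosts = max(net.num_addresses - 2, 0)
        hits.append((src, str(net), count, count * usable_hosts))
    return hits


def reflected_load_per_victim(hits):
    """Sum the worst-case reply volume per spoofed source (the real victim)."""
    load = Counter()
    for src, _net, _count, max_replies in hits:
        load[src] += max_replies
    return dict(load)


if __name__ == "__main__":
    found = find_smurf_candidates(SAMPLE_FLOWS)
    for src, net, count, replies in found:
        print(f"{src} -> broadcast of {net}: {count} requests, up to {replies} replies")
    print(reflected_load_per_victim(found))
```

On the network side the fix the question is after is per-interface on the router; on Cisco IOS it is `no ip directed-broadcast` (the default since IOS 12.0). On Linux hosts, `net.ipv4.icmp_echo_ignore_broadcasts=1` stops them answering broadcast echo requests at all, and ingress filtering of spoofed source addresses (BCP 38) removes the attacker's ability to impersonate the victim in the first place.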
