Smith is an IT security consultant who has been hired on by an ISP that has recently been plagued by numerous DoS attacks. The ISP did not have the internal resources to prevent future attacks, so they hired Smith for his expertise. Smith looks through the company’s firewall logs and can see from the patterns that the attackers were using reflected DoS attacks. What measures can Smith take to help prevent future reflective DoS attacks against the ISP’s network?
A. Smith needs to tell the ISP to block all UDP traffic coming in on port 1001 to prevent future reflective DoS attacks against their network.
B. Smith should configure the ISP’s firewall so that it blocks FIN packets that are sent to the broadcast address of the company’s internal IP range.
C. Smith should have them configure their network equipment to recognize SYN source IP addresses that never complete their connections.
D. Smith should have the ISP block port 443 on their firewall to stop these DoS attacks.
Related Course
Certified Ethical Hacker v9
CEH v9 Question of the Week Series
- CEH v9 Question of the Week: Retina Scanners
- CEH v9 Question of the Week: Employee Behavior
- CEH v9 Question of the Week: CVE-2007-2447
- CEH v9 Question of the Week: SQL Injection
- CEH v9 Question of the Week: Web Application Penetration Testing
- CEH v9 Question of the Week: iptables
- CEH v9 Question of the Week: Examine Streams of Packets
- CEH v9 Question of the Week: Scans
- CEH v9 Question of the Week: SQL Injection
- CEH v9 Question of the Week: Standard Risk Assessment
- CEH v9 Question of the Week: Penetration Testing
- CEH v9 Question of the Week: SMB Over TCP/IP
- CEH v9 Question of the Week: Block Cipher
- CEH v9 Question of the Week: Prevent Future DoS Attacks