ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 1029 discussion

Actual exam question from Isaca's CISM
Question #: 1029
Topic #: 1
[All CISM Questions]

Which of the following is a viable containment strategy for a distributed denial of service (DDoS) attack?

  • A. Block IP addresses used by the attacker.
  • B. Disable firewall ports exploited by the attacker.
  • C. Power oft affected servers.
  • D. Redirect the attacker's traffic.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by richck102 at Nov. 20, 2023, 2:19 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AlexJacobson
9 months, 1 week ago
Selected Answer: D
Redirect traffic to a "black hole". Blackholing involves redirecting traffic to a “black hole” or null route, which drops all traffic to the targeted IP address or range. This technique is used to prevent malicious traffic from reaching the targeted network or system during a DDoS attack.
upvoted 1 times
...
blehbleh
9 months, 3 weeks ago
Selected Answer: D
I get the idea behind A but is says distributed denial of service (DDOS) attack. We don't know how many IPs are being utilized or the size of the attack. Therefore redirecting the attack would be simpler than trying to block each IP that we associate with the attack.
upvoted 2 times
...
koala_lay
10 months, 3 weeks ago
Selected Answer: D
A viable containment strategy for a distributed denial of service (DDoS) attack is to D. redirect the attacker's traffic. Redirecting the attacker's traffic involves rerouting the malicious traffic away from the target servers or network infrastructure. This can be done by implementing techniques such as traffic scrubbing or utilizing specialized DDoS mitigation services. By redirecting the attacker's traffic, the impact on the targeted servers or network is minimized, allowing legitimate traffic to flow smoothly.
upvoted 4 times
...
Uncle_Lucifer
11 months ago
Selected Answer: D
don't mistake containment with preventive measures. Blocking IP will prevent attack but not contain it Redirecting it contains the attack, gives you time to analyze the issue
upvoted 2 times
...
Soleandheel
11 months, 1 week ago
D. Redirect the attacker's traffic makes more sense. You can redirect the unwanted traffic to a DNS sinkhole for example.
upvoted 2 times
...
richck102
11 months, 2 weeks ago
Selected Answer: D
D. Redirect the attacker's traffic.
upvoted 2 times
Cyberbug2021
11 months, 2 weeks ago
How? - Blocking the port and ip is the way to go
upvoted 2 times
CISSPST
10 months, 1 week ago
Agreed. The keyword being VIABLE. Redirecting is an more advanced while blocking is straightforward, quick and effective.
upvoted 1 times
AlexJacobson
9 months, 1 week ago
So you're actually gonna go ahead and block potentially tens of thousands IP addresses? Not to mention that IPs are easily changed. DDoS protection is all about blackholing the traffic (i.e. redirecting it to a "black hole"). So D is correct.
upvoted 1 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago