An organization reports excessive data arriving from many remote addresses, leading to frequent shutdowns. Which tactic best secures continued operations?
Use an external service that detects harmful flows
Filter incoming requests from a static file on each host
Increase allowable sessions at perimeter equipment
Using a specialized external service to detect suspicious traffic ensures harmful flows are rejected before reaching internal infrastructure. This reduces overload on local systems. Filtering requests on each host relies on static entries that become ineffective when attackers rotate addresses. Simply adding capacity may delay problems but does not stop harmful data. Raising connection thresholds can also block legitimate users when a surge overwhelms the system.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a harmful flow in the context of cybersecurity?
Open an interactive chat with Bash
How does an external service detect and block harmful flows?
Open an interactive chat with Bash
Why is filtering requests on each host not effective against attacks with rotating addresses?