An organization is hosting a cloud-based web server infrastructure that provides web-hosting solutions. Sudden continuous bursts of traffic have caused the web servers to saturate CPU and network utilizations. Which of the following should be implemented to prevent such disruptive traffic from reaching the web servers?
Implementing DDoS protection would be the best solution to prevent sudden continuous bursts of traffic from saturating CPU and network utilizations of web servers. DDoS protection is specifically designed to detect and mitigate large volumes of malicious traffic aiming to overwhelm web servers, therefore ensuring that legitimate traffic can still reach and interact with the servers without causing disruption.
B is the most related, even though a "continuous burst of traffic" doesn't automatically mean DDoS. QoS is related to prioritizing specific internal traffic (phone calls), NAC worries about WHO's allowed in, DLP worries about what's allowed out, and microsegmentation is more of a zero-trust idea.
B. DDoS protection: Distributed Denial of Service (DDoS) protection is specifically designed to detect and mitigate large volumes of traffic that can overwhelm web servers. DDoS protection solutions can filter out malicious traffic, allowing legitimate traffic to reach the servers and ensuring continued availability and performance.
DDoS Protection: This specifically targets distributed denial-of-service attacks, which are characterized by sudden and continuous bursts of traffic aimed at overwhelming web servers. It filters and mitigates malicious traffic before it reaches the servers,