An organization has experienced multiple distributed denial-of-service (DDoS) attacks in recent months that have impact of their public-facing web and e-commerce sites that were previously all on-premises. After an analysis of the problems, the network engineers have recommended that the organization implement additional name service providers and redundant network paths. What is another recommendation that helps ensure the future availability of their web and e-commerce sites?
Going with C Reviewing service-level agreements (SLAs) with cloud service providers is also important, but it is not directly related to the goal of ensuring the future availability of their web and e-commerce sites in the face of DDoS attacks.
C is correct
Agreed. C
C is correct
D. The cloud service provider such as Azure or AWS can mitigate these attacks: https://www.stormit.cloud/blog/cloud-ddos-protection-how-to-mitigate-all-risks/
I think it's D. Supporters of D, please make sure to cast your votes. Switch to voting comments and just select your choice, okay?
D is the answer: Reviewing SLAs will allow assessing and potentially strengthening the uptime and response commitments from cloud providers. SLAs can stipulate availability metrics, response times, mitigation capabilities, and penalties for the provider. This helps contractually ensure and incentivize availability of the hosted services during a DDoS attack. Signature-based detection by itself has limited ability to mitigate DDoS attacks: -DDoS attacks rely on flooding infrastructure with high volumes of traffic from distributed sources. -This doesn't necessarily rely on known attack signatures. -Signatures focus on detecting specific known malicious payloads or behavior patterns. -DDoS can use varying protocols and payload patterns. -The high volume and distributed nature of DDoS makes signature analysis technically challenging to keep up with traffic speed and volume.
C. Review current detection strategies and employ signature-based techniques Reviewing detection strategies and employing signature-based techniques is a more direct and effective measure to address DDoS attacks and enhance the availability of web and e-commerce sites. Signature-based techniques can help identify known attack patterns and allow for a more proactive response.
While reviewing service-level agreements (SLAs) with cloud service providers is important, it is not directly related to the goal of ensuring the future availability of web and e-commerce sites in the face of DDoS attacks. On the other hand, "C. Review current detection strategies and employ signature-based techniques" is a more relevant recommendation
Answer C: Review current detection strategies and employ signature-based techniques. https://ieeexplore.ieee.org/abstract/document/9511420 https://www.researchgate.net/profile/Mohammed-Alenezi-5/publication/352312016_Methodologies_for_detecting_DoSDDoS_attacks_against_network_servers/links/60c31c9ba6fdcc2e6131a793/Methodologies-for-detecting-DoS-DDoS-attacks-against-network-servers.pdf If the cloud provider was a CDN to prevent DDOS attacks, they wouldn't have "experienced multiple distributed denial-of-service (DDoS) attacks" so reviewing the SLA wont address the problem.
Here's why: SLAs define the services offered and the level of commitment from the cloud provider. In the context of DDoS attacks, the SLA should specify how the provider will handle such attacks and what level of uptime they guarantee during such events. Reviewing the SLA can help identify any gaps in protection. For example, the SLA might not cover certain types of DDoS attacks or might have limitations on how much mitigation they offer. Based on the review, the organization can negotiate with the cloud provider to improve their DDoS protection mechanisms or potentially explore alternative providers with more robust DDoS mitigation capabilities.
C. Signature-based techniques: While signature-based detection can be helpful for known attack patterns, it might not be effective against novel DDoS attacks. A more comprehensive approach that combines signature-based with anomaly-based detection is often recommended.
C will better help ensure avialability of the web app.