A security team is concerned about recent Layer 4 DDoS attacks against the company website. Which of the following controls would best mitigate the attacks?
While CDNs excel in mitigating Layer 7 (application-layer) attacks, their effectiveness against Layer 4 attacks is limited. They can help absorb traffic, but they don't typically mitigate the core issue of Layer 4 floods as well as firewall rules or network-level defenses.
I changed the answer to C because of the reasoning and facts by Gemini: Limited Layer 4 Capabilities: While CDNs are primarily designed for Layer 7 (application layer) protection, some modern CDNs also offer Layer 4 DDoS mitigation capabilities. They can use techniques like rate limiting, SYN flood protection, and UDP flood mitigation to defend against Layer 4 attacks.
Geographic Distribution: CDNs' distributed nature can help absorb and distribute traffic, making it more difficult for attackers to overwhelm a single point of entry.
According to GPT-4o, it's A) Firewall rules. It says:
"Firewalls (especially stateful firewalls) can be configured to detect anomalies in TCP handshakes (e.g., SYN floods) and block or rate-limit malicious hosts at Layer 4 before the traffic overwhelms downstream resources. This is typically the front line of defense for volumetric attacks."
And regarding CDN:
"Content Delivery Networks (CDNs) primarily help with HTTP-based (Layer 7) load distribution and caching. While many CDNs also offer DDoS protection services, they are generally more focused on mitigating application-layer attacks rather than pure volumetric Layer 4 floods."
CDN = Layer 7. Deploying a CDN will not mitigate attacks; it will improve availability.
Firewall = Layer 4. By using firewall rules you will mitigate the attack.
C is correct. CDNs offer protection against DDoS attacks by distributing network traffic across several servers. This distribution of traffic ensures that no single server bears the brunt of an attack, reducing the likelihood of a successful DDoS attack.
I agree with CDN. It can block or rate-limit traffic from known malicious IP addresses, preventing them from overwhelming the network. It filters traffic based on protocols and detects unusual patterns that indicate a DDoS attack, allowing for quick mitigation. Automated tools within the CDN infrastructure can detect and respond to DDoS attacks in real time, reducing response time and minimizing the attack’s impact.
The answer is C: CDN. Akamai and Cloudflare offer DDoS protection by using CDN to offload the traffic on their infrastructure and routing it through a null interface. Using proxy and caches you can mitigate a DDoS.
Rolling out a CDN (Content Delivery Network) is usually the most effective. CDNs can help distribute network traffic across a network of distributed servers. This can effectively mitigate DDoS attacks by dispersing the traffic geographically and making it more difficult for attackers to overwhelm a single point of the network. Additionally, many CDN providers offer DDoS protection as part of their services, with the ability to absorb large amounts of traffic and to identify and block malicious traffic patterns.
On the study guide that is a page with questions on it. Page 419? Are you sure? Maybe it's the paper version because I have the ebook. There's no mention of CDN in either the CompTIA study guide or the CertMaster practice.
For mitigating Layer 4 Distributed Denial of Service (DDoS) attacks, blocking the attacks using firewall rules is a common and effective measure. Firewalls can be configured to filter and block traffic based on various criteria, such as IP addresses, protocols, and ports. By setting up appropriate firewall rules, the security team can prevent malicious traffic associated with Layer 4 DDoS attacks from reaching the targeted website, thereby protecting the network infrastructure and ensuring the availability of the service.
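The per-source Layer 4 handling that the firewall comments above describe (rate-limiting SYNs and tracking handshakes that never complete), as an added example that is not part of any post in this thread. The function name, thresholds and packet records are assumptions constructed for illustration, and an ACK is treated as completing one handshake, which is a simplification.

```python
from collections import defaultdict

def flag_layer4_sources(packets, rate=5.0, burst=10.0, max_half_open=16):
    """Return {source_ip: reason} for sources a per-source SYN policy would act on.

    Hypothetical policy (assumed values): each source gets a token bucket of
    `burst` SYNs refilled at `rate` per second, plus a cap on handshakes that
    were opened but never completed.
    """
    buckets = {}                   # source -> (tokens left, time of last SYN)
    half_open = defaultdict(int)   # source -> SYNs not yet answered by an ACK
    flagged = {}
    for ts, src, flags in sorted(packets):
        if flags == "SYN":
            left, last = buckets.get(src, (burst, ts))
            left = min(burst, left + (ts - last) * rate)   # refill since last SYN
            if left < 1:                                   # bucket empty: drop the SYN
                buckets[src] = (left, ts)
                flagged.setdefault(src, "syn-rate")
                continue
            buckets[src] = (left - 1, ts)
            half_open[src] += 1
            if half_open[src] > max_half_open:
                flagged.setdefault(src, "half-open")
        elif flags == "ACK" and half_open[src] > 0:
            half_open[src] -= 1    # simplification: any ACK completes one handshake
    return flagged

# Constructed sample traffic: (seconds, source IP, TCP flag), documentation-range IPs.
FLOOD = [(i * 0.025, "198.51.100.7", "SYN") for i in range(40)]   # 40 SYN/s, no ACKs
SLOW = [(i * 0.5, "192.0.2.55", "SYN") for i in range(20)]        # 2 SYN/s, no ACKs
CLIENT = [(0.10, "203.0.113.20", "SYN"), (0.15, "203.0.113.20", "ACK"),
          (0.50, "203.0.113.20", "SYN"), (0.55, "203.0.113.20", "ACK")]

if __name__ == "__main__":
    for src, reason in flag_layer4_sources(FLOOD + SLOW + CLIENT).items():
        print(src, reason)
```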