A company’s online service is under a multi-vector DoS attack using SYN floods and HTTP GET floods. Firewalls and IDS cannot stop the outage. What advanced defense should the company implement?
A. Configure the firewall to block all incoming SYN packets from external IPs
B. Use DDoS mitigation services that offer multi-layer protection
C. Deploy a Web Application Firewall (WAF) with anomaly detection
D. Increase server bandwidth and apply basic rate limiting
CEH v13 highlights that multi-vector DDoS attacks require multi-layer DDoS mitigation services, often cloud-based, capable of analyzing, filtering, and scrubbing traffic across network, transport, and application layers. These providers maintain massive bandwidth capacity, global scrubbing centers, and behavioral analysis engines that distinguish legitimate sessions from malicious floods. SYN floods and HTTP GET floods must be mitigated at the same time with different techniques, which typical firewalls or WAFs cannot do without dropping legitimate traffic. Blocking SYN packets (Option A) would disrupt normal users. A WAF (Option C) handles only Layer 7 traffic and does not mitigate network-layer volumetric attacks. Increasing bandwidth (Option D) is ineffective against large botnet attacks. Therefore, deploying a multi-layer cloud DDoS protection service (Option B) is the most effective solution for resilient, real-time mitigation.