Ethical Hacking Essentials Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for your Ethical Hacking Essentials Test. Study with flashcards and multiple choice questions with detailed hints and explanations. Enhance your cybersecurity skills and get ready for your exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following practices is NOT considered a defensive measure against DoS/DDoS attacks?

  1. Enable rate limiting on servers

  2. Disable TCP SYN cookie protection

  3. Monitor network traffic constantly

  4. Implement redundancy in network paths

The correct answer is: Disable TCP SYN cookie protection

Disabling TCP SYN cookie protection is indeed not considered a defensive measure against DoS/DDoS attacks. TCP SYN cookies are a security mechanism that helps to mitigate SYN flood attacks, which are a common type of DoS attack. By enabling SYN cookies, a server can maintain the ability to handle legitimate connection requests while preventing resource exhaustion that occurs when a server gets overwhelmed with half-open connections during an attack. Therefore, disabling this feature would actually leave the server vulnerable to such attacks, making it a poor defensive practice. In contrast, enabling rate limiting on servers, monitoring network traffic, and implementing redundancy in network paths are all proactive strategies to enhance the resilience of a network against attacks. Rate limiting helps to control the amount of traffic that can reach the server during spikes, thus reducing the likelihood of successful attacks. Continuous monitoring of network traffic allows for the early detection of unusual patterns indicative of DDoS attacks, enabling rapid response. Redundancy in network paths ensures that if one route becomes overwhelmed or fails due to an attack, alternative paths can maintain service availability. Each of these practices contributes directly to an organization's defensive posture against DoS/DDoS threats.

More Questions Like This