CertNexus Exam ITS-110 Topic 1 Question 28 Discussion

Actual exam question for CertNexus's ITS-110 exam

Question #: 28
Topic #: 1

An IoT security administrator wishes to mitigate the risk of falling victim to Distributed Denial of Service (DDoS) attacks. Which of the following mitigation strategies should the security administrator implement? (Choose two.)

ABlock all inbound packets with an internal source IP address

BBlock all inbound packets originating from service ports

CEnable unused Transmission Control Protocol (TCP) service ports in order to create a honeypot

DBlock the use of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) through his perimeter firewall

ERequire the use of X.509 digital certificates for all incoming requests

Show Suggested Answer

Suggested Answer: B

by Christiane at Mar 18, 2024, 05:06 PM

Limited Time Offer

25%

Off

Get Premium ITS-110 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dorothy

17 days ago

I'm just waiting for the option that says 'Pour maple syrup on your server and hope the DDoS bots get stuck.' That's the kind of outside-the-box thinking I'm looking for.

upvoted 0 times

Belen

13 hours ago

A) Block all inbound packets with an internal source IP address

upvoted 0 times

...

Man

18 days ago

Requiring X.509 digital certificates for all incoming requests? Now we're talking! That's a solid way to authenticate legitimate traffic and weed out the DDoS nonsense.

upvoted 0 times

...

Yuriko

22 days ago

Blocking TCP and UDP through the firewall? Might as well just unplug the internet and call it a day. That's about as effective as trying to stop a fire with a garden hose.

upvoted 0 times

...

Meghan

27 days ago

Enabling unused TCP service ports to create a honeypot? Sounds like a great way to get your server swarmed with bots. I'll pass on that one, thanks.

upvoted 0 times

Kirk

3 days ago

User 3: Blocking inbound packets with internal source IP addresses seems like a safer option.

upvoted 0 times

...

Ilene

7 days ago

User 2: Definitely, I wouldn't want to attract more attacks.

upvoted 0 times

...

Paz

13 days ago

User 1: I agree, creating a honeypot seems risky.

upvoted 0 times

...

Brynn

1 months ago

Blocking all inbound packets with an internal source IP address? That's like putting a padlock on your front door and leaving the back door wide open. Not a very effective DDoS mitigation strategy if you ask me.

upvoted 0 times