CompTIA CySA+ (CS0-002) — Question 117
A company recently experienced multiple DNS DDoS attacks, and the information security analyst must provide a DDoS solution to deploy in the company's data center. Which of the following would BEST prevent future attacks?
Answer options
- A. Route the queries on the DNS server to 127.0.0.1.
- B. Buy a UTM to block the number of requests.
- C. Call the internet service provider to block the attack.
- D. Configure a sinkhole on the router.
Correct answer: D
Explanation
Configuring a sinkhole on the router is the best option because it can redirect malicious traffic away from the network, effectively mitigating the impact of DDoS attacks. Routing DNS queries to 127.0.0.1 would not address the attack, and buying a UTM may help but would not specifically target DNS DDoS attacks. Contacting the ISP can be useful, but it is not a proactive solution compared to setting up a sinkhole.