CompTIA Security+ (SY0-501) — Question 1041

A bank is experiencing a DoS attack against an application designed to handle 500 IP-based sessions. in addition, the perimeter router can only handle 1Gbps of traffic.
Which of the following should be implemented to prevent a DoS attacks in the future?

Answer options

• A. Deploy multiple web servers and implement a load balancer
• B. Increase the capacity of the perimeter router to 10 Gbps
• C. Install a firewall at the network to prevent all attacks
• D. Use redundancy across all network devices and services

Correct answer: D

Explanation

Implementing redundancy across all network devices and services (D) is effective in mitigating the impact of DoS attacks by ensuring that if one component fails or is overwhelmed, others can take over. Increasing the perimeter router's capacity (B) might help with bandwidth, but it does not prevent attacks. Deploying multiple web servers with a load balancer (A) can distribute traffic but does not address the underlying issue of redundancy. A firewall (C) can block certain types of attacks but is not foolproof against all DoS methods.