Certified SOC Analyst (CSA) — Question 58
Ray is a SOC analyst in a company named Queens Tech. One Day, Queens Tech is affected by a DoS/DDoS attack. For the containment of this incident, Ray and his team are trying to provide additional bandwidth to the network devices and increasing the capacity of the servers.
What is Ray and his team doing?
Answer options
- A. Blocking the Attacks
- B. Diverting the Traffic
- C. Degrading the services
- D. Absorbing the Attack
Correct answer: D
Explanation
Ray and his team are increasing bandwidth and server capacity, which indicates they are trying to absorb the attack rather than block it or divert traffic. The other options, such as blocking the attacks or degrading services, do not align with the actions they are taking to manage the DDoS incident.