Certified Information Security Manager (CISM) — Question 1021

Which of the following would be MOST effective in reducing the impact of a distributed denial of service (DDoS) attack?

Answer options

• A. Impose state limits on servers.
• B. Spread a site across multiple ISPs.
• C. Harden network security.
• D. Block the attack at the source.

Correct answer: B

Explanation

The most effective way to mitigate the impact of a DDoS attack is to spread a site across multiple ISPs, as it allows for load balancing and redundancy, making it harder for an attacker to overwhelm a single point. While imposing state limits, hardening security, and blocking attacks are useful strategies, they do not provide the same level of resilience and distribution as using multiple ISPs.