Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What practice does not help incident responders protect the network against DoS/DDoS incidents?

Allowing overwriting of return addresses
Implementing network segmentation
Using traffic anomaly detection
Establishing incident response protocols

The correct answer is: Allowing overwriting of return addresses

Allowing overwriting of return addresses does not contribute to protecting the network against Denial of Service (DoS) or Distributed Denial of Service (DDoS) incidents. This practice is primarily related to vulnerabilities in software applications, specifically in the context of buffer overflow attacks. By allowing return addresses to be overwritten, systems may become more susceptible to exploitation, leading to unauthorized access or system compromise rather than enhancing the resilience against DoS/DDoS attacks. In contrast, implementing network segmentation helps isolate critical components of the network, making it harder for attackers to reach target resources. Using traffic anomaly detection allows for the identification of unusual patterns that may indicate an impending DDoS attack, enabling quicker response times. Establishing incident response protocols ensures that there is a structured and efficient approach to managing incidents, which is crucial for minimizing the impact of potential disruptions caused by DoS or DDoS attacks. Each of these practices enhances the overall security posture against such incidents, unlike the allowance of return address overwriting.