Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which service should be blocked to help prevent Denial of Service attacks?

  1. FTP service

  2. Echo service

  3. SSH service

  4. DNS service

The correct answer is: Echo service

To effectively mitigate Denial of Service (DoS) attacks, blocking the echo service is a sound strategy. The echo service, which operates through the Internet Control Message Protocol (ICMP) echo requests, can be exploited in flood attacks. In such attacks, an overwhelming number of echo requests lead to network congestion, making legitimate traffic unable to reach its destination or causing systems to crash due to resource exhaustion. By blocking this service, you can reduce the risk of such flood-based DoS attacks, which aim to disrupt the normal functioning of targeted systems. Other services, while potentially vulnerable to different forms of attacks or misuse, do not inherently facilitate the same level of disruption as the echo service in the context of Denial of Service attacks. For example, FTP, SSH, and DNS can be targeted in specific ways, but their blocking would not directly address the flooding technique commonly associated with echo requests. Therefore, focusing on blocking the echo service is a strategic approach to reduce the risk of DoS attacks.

More Questions Like This