Question 34


A company monitors the performance of all web servers using WMI. A network administrator informs the security engineer that web servers hosting the company’s client-facing portal are running slowly today. After some investigation, the security engineer notices a large number of attempts at enumerating host information via SNMP from multiple IP addresses. Which of the following would be the BEST technique for the security engineer to employ in an attempt to prevent reconnaissance activity?

A. Install a HIPS on the web servers

B. Disable inbound traffic from offending sources

C. Disable SNMP on the web servers

D. Install anti-DDoS protection in the DMZ

Correct Answer: A