Professional Documents
Culture Documents
CISA Question 11 - 12 - Explenation
CISA Question 11 - 12 - Explenation
Question
The BEST filter rule for protecting a network from being used as an amplifier in a
denial of service (DoS) attack is to deny all:
Explanation
Outgoing traffic with an IP source address different than the IP range in the
network is invalid, in most of the cases, it signals a DoS attack originated by an
internal user or by a previously compromised internal machine; in both cases,
applying this filter will stop the attack.
CISA Question 12
Question
Explanation
The signature on the digest can be used to authenticate the sender. It does not
provide assurance of the date and time stamp or the identity of the originating
computer. Digitally signing an e-mail message does not prevent access to its
content and, therefore, does not assure confidentiality.