Recommendations for Mitigating Risks of Prolonged DDoS Attacks on Local Datacenter

A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operations in the event of a prolonged DDoS attack on its local datacenter that consumes database resources.

Which of the following will the CISO MOST likely recommend to mitigate this risk?

A.

Upgrade the bandwidth available into the datacenter.

B.

Implement a hot-site failover location.

C.

Switch to a complete SaaS offering to customers.

D.

Implement a challenge response test on all end-user queries.

B.

In this scenario, the CISO is concerned about the organization's ability to continue business operations in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. To mitigate this risk, the CISO is most likely to recommend implementing a hot-site failover location.

A hot-site is a fully operational backup site that can take over in the event of a disaster, such as a prolonged DDoS attack. By implementing a hot-site, the organization can continue its business operations even if the primary datacenter is unavailable. This is accomplished by replicating data and applications to the hot-site, so they can be quickly brought online if needed.

Upgrading the bandwidth available into the datacenter, while it could help to alleviate congestion during a DDoS attack, is unlikely to be effective if the attack is sustained over an extended period of time. Similarly, switching to a complete SaaS offering to customers would not address the issue of the datacenter being unavailable due to a DDoS attack.

Implementing a challenge-response test on all end-user queries, while a good security practice, would not mitigate the risk of a prolonged DDoS attack on the datacenter.

Therefore, the most effective recommendation to mitigate the risk of a prolonged DDoS attack is to implement a hot-site failover location.