A vulnerability that would allow an unauthenticated, remote attacker to originate a DoS attack was found in a DHCP client implementation of a switch.
Which of the following would BEST resolve the issue?
A.
Verify the default passwords have been changed. B.
Upgrade to the latest firmware C.
Generate new SSH keys. D.
Review and modify the firewall rules.
B.
A vulnerability that would allow an unauthenticated, remote attacker to originate a DoS attack was found in a DHCP client implementation of a switch.
Which of the following would BEST resolve the issue?
A.
Verify the default passwords have been changed.
B.
Upgrade to the latest firmware
C.
Generate new SSH keys.
D.
Review and modify the firewall rules.
B.
The best solution for the vulnerability that allows an unauthenticated, remote attacker to originate a DoS attack in a DHCP client implementation of a switch is to upgrade to the latest firmware (Option B).
Explanation:
Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to automate the process of assigning IP addresses and other network configuration parameters to devices on a network. DHCP clients request an IP address from a DHCP server and are assigned a lease, which is a temporary assignment of an IP address. A DHCP client implementation vulnerability could allow an attacker to exhaust the available IP addresses, causing a Denial of Service (DoS) attack.
Option A, verifying the default passwords have been changed, is not relevant to this scenario as the issue is related to a DHCP client implementation vulnerability, and changing the default passwords would not resolve the vulnerability.
Option C, generating new SSH keys, is not relevant to this scenario as SSH keys are used for secure remote access to a device and would not address the DHCP client implementation vulnerability.
Option D, reviewing and modifying the firewall rules, is not relevant to this scenario as the vulnerability is related to the DHCP client implementation and not the firewall rules.
Therefore, the best solution for the vulnerability that allows an unauthenticated, remote attacker to originate a DoS attack in a DHCP client implementation of a switch is to upgrade to the latest firmware (Option B). Firmware upgrades can address known vulnerabilities and improve the overall security of the device.