ITM 820 Lecture Notes - Lecture 4: Denial-Of-Service Attack

What steps should be taken when a dos or ddos attack is detected? s to prevent your systems from being compromised. This requires good system security practices and keeping the operating systems and applications on such systems current and patched. There are generally six steps that should be taken when a ddos attack is detected. The first step is to conduct an enterprise risk assessment. This is an essential step as it allows users to see the impact that attack would have on their system. Also, it allows users to estimate how much possible damage they would incur from this attack. Damages can vary from damaging an organization s reputation for example, to communication being shut down. The second step is to create an action plan. This allows the user to proactively prepare for the attackers next move because once the user is under the ddos attack, its too late to define responses.