Cisco Cyber Security Practice Exam

What should be done to mitigate unauthorized network probing and port scanning?

• A. Enable network traffic logging
• B. Disable ping, probing and port scanning
• C. Conduct an audit
• D. Set up additional firewalls

The correct answer is: Disable ping, probing and port scanning

Mitigating unauthorized network probing and port scanning can primarily be achieved by taking steps to limit the exposure of network services. Disabling ping, probing, and port scanning effectively restricts intruders from discovering hosts and the services running on them. This action prevents potential attackers from gaining information about the network architecture and finding vulnerable points that could be exploited. When you disable these features, you reduce the attack surface considerably by minimizing the information available to unauthorized users. For instance, if ICMP (used for pinging) is turned off, it becomes more challenging for attackers to identify which devices are active on the network. This heightened security is crucial in maintaining confidentiality and integrity against espionage tactics commonly employed in cyber-attacks. Other methods suggested, such as enabling logging, conducting audits, or setting up additional firewalls, can enhance security, but they often serve as supplementary measures rather than directly preventing unauthorized probing and scanning. Logging can capture suspicious activities, audits can help assess security postures, and firewalls can control traffic; however, they do not inherently stop probing or scanning attempts from occurring. Therefore, while disabling such features provides a strong first line of defense against reconnaissance activities, the combination of proactive measures also plays an essential role in a comprehensive security strategy