Ethical Hacking Essentials Practice Test

Disabling TCP SYN cookie protection is indeed not considered a defensive measure against DoS/DDoS attacks. TCP SYN cookies are a security mechanism that helps to mitigate SYN flood attacks, which are a common type of DoS attack. By enabling SYN cookies, a server can maintain the ability to handle legitimate connection requests while preventing resource exhaustion that occurs when a server gets overwhelmed with half-open connections during an attack. Therefore, disabling this feature would actually leave the server vulnerable to such attacks, making it a poor defensive practice.

In contrast, enabling rate limiting on servers, monitoring network traffic, and implementing redundancy in network paths are all proactive strategies to enhance the resilience of a network against attacks. Rate limiting helps to control the amount of traffic that can reach the server during spikes, thus reducing the likelihood of successful attacks. Continuous monitoring of network traffic allows for the early detection of unusual patterns indicative of DDoS attacks, enabling rapid response. Redundancy in network paths ensures that if one route becomes overwhelmed or fails due to an attack, alternative paths can maintain service availability. Each of these practices contributes directly to an organization's defensive posture against DoS/DDoS threats.