DDoS mitigator

A Distributed Denial of Service (DDoS) attack is where a very large amount of traffic is sent to a switch or a server so that it is overwhelmed and cannot function. A DDoS mitigator is a device, such as a stateful firewall on the external interface of your DMZ or a flood guard on an internal switch, that can identify the DDoS attack at an early stage and prevent it from being successful.

Exam tip: Capturing the data flowing through a port on a switch can be done by port mirroring, also known as a tap.

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.