A security analyst is monitoring the network traffic of a large organization. The analyst has noticed an unusual spike in network traffic and needs to determine the cause.
What is the MOST likely explanation for the unusual spike in network traffic?
Answer choices:
- Network configuration issue
- Background traffic
- Heightened user activity
- Distributed denial-of-service (DDoS) attack
Answered by GPT-5 mini (AI)
Heightened user activity
Rationale: In a large organization, the most common (and benign) cause of a sudden traffic spike is increased legitimate usage (large meetings, software updates/backups, batch jobs, product launches). DDoS or config faults are possible but less likely.
Suggested checks to confirm:
- Review NetFlow/flow data or top-talkers to see source/destination IPs and ports.
- Correlate with scheduled jobs/patch windows, backups, or major releases.
- Check time-of-day/week patterns and helpdesk/communications about events.
- Look for signs of attack: many external sources targeting one IP, abnormal protocols/ports, SYN/fragment floods.
- Inspect switch/router counters for broadcast storms or interface errors (configuration issues).
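
The flow-data checks listed in the answer above (top talkers, many external sources targeting one IP, SYN floods), as an added Python example that is not part of the original answer. The record layout, the 10.0.0.0/8 internal range, and both thresholds are assumptions, and the flow records are constructed sample data.

```python
from collections import defaultdict
import ipaddress

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: the org's address space

# Constructed flow records: (src, dst, dst_port, proto, tcp_flags, bytes)
# A nightly backup: a few internal hosts moving a lot of data over full TCP sessions.
BACKUP_SPIKE = [("10.1.1.%d" % i, "10.2.0.10", 443, "tcp", "SAPF", 800_000_000)
                for i in range(1, 6)]
BACKUP_SPIKE.append(("198.51.100.7", "10.3.0.20", 443, "tcp", "SAPF", 40_000))
# Flood-like pattern: many external sources, SYN-only flows, one internal target.
FLOOD_LIKE = [("203.0.113.%d" % i, "10.3.0.20", 80, "tcp", "S", 60)
              for i in range(1, 41)]

def triage(flows, fan_in_threshold=20, syn_ratio=0.8, top_n=3):
    """Return (top talkers by bytes, destinations with attack-like fan-in)."""
    bytes_by_src = defaultdict(int)
    ext_sources = defaultdict(set)   # dst -> distinct external source IPs
    tcp_flows = defaultdict(int)     # dst -> TCP flows seen
    syn_only = defaultdict(int)      # dst -> TCP flows that never got past SYN
    for src, dst, _dport, proto, flags, nbytes in flows:
        bytes_by_src[src] += nbytes
        if ipaddress.ip_address(src) not in INTERNAL:
            ext_sources[dst].add(src)
        if proto == "tcp":
            tcp_flows[dst] += 1
            if flags == "S":
                syn_only[dst] += 1
    top = sorted(bytes_by_src.items(), key=lambda kv: kv[1], reverse=True)[:top_n]
    suspects = []
    for dst, srcs in ext_sources.items():
        ratio = syn_only[dst] / tcp_flows[dst] if tcp_flows[dst] else 0.0
        # Both conditions must hold: wide external fan-in AND mostly half-open flows.
        if len(srcs) >= fan_in_threshold and ratio >= syn_ratio:
            suspects.append((dst, len(srcs), round(ratio, 2)))
    return top, suspects

if __name__ == "__main__":
    for name, data in [("backup only", BACKUP_SPIKE),
                       ("backup + flood-like", BACKUP_SPIKE + FLOOD_LIKE)]:
        top, suspects = triage(data)
        print(name, "| top talkers:", top, "| suspects:", suspects)
```

In the combined data set the top talkers by bytes are still the internal backup hosts, which is why byte volume alone does not separate the two causes and the fan-in and SYN-only checks are run alongside it.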