Adam is the key IT staff member for a small company and has migrated his company’s infrastructure from an on-site data center to cloud-based infrastructure as a service (IaaS) provider. Recently he has been receiving notifications that his website is slow to respond and that it is inaccessible at times. Adam thinks that attackers may be conducting a denial-of-service attack against his organization. If Adam were still running in his on-site infrastructure, which technology would provide the MOST insight into what type of attack he was seeking?

The most useful data is likely to come from an IPS, or intrusion prevention system. He will be able to determine if the attack is a denial-of-service (DoS) attack, and the IPS may be able to help him determine the source of the denial-of-service attack. A firewall might provide some useful information but would only show whether or not traffic was allowed and would not analyze the traffic for attack information. A vulnerability scanner would indicate if there was an issue with his application or the server, but it would not identify this type of attack. Antimalware software can help find malware on the system but isn’t effective against a DoS attack.