Consider the following firewall rules:
I incoming traffic:
TCP Port 25
TCP Port 139: Denied
UDP Port 137: Denied

UDP Port 138: Denied
ICMP echo request: Denied
I CMP echo reply: Denied
Outgoing traffic:
TCP Ports 1024 through 65,535 to port 80: Denied
T CP Port 80: Denied
ICMP echo request: Denied
I CMP echo reply: Denied
TCP Port 139: Denied
UDP Port 137: Denied
UDP Port 138: Denied
All company production servers reside behind the corporate firewall. However, you discover that
the Web server performance is very low. After sniffing the traffic to the Web server, you learn that
the Web server is experiencing a distributed denial-of-service attack in which millions of ping
packets are being directed at the server. Which of the following is the most plausible explanation
for this situation?

A.
There is a flaw in the firewall rule set.

B.
The firewall is not configured to block ICMP packets generated by the ping command.

C.
The attack is originating from a wireless access point (WAP) connected to the corporaten
network.

D.
The attack is originating from a Web server that has not been properly updated, and which has
been infected with a Trojan horse.

Explanation: