To mitigate ongoing DoS attacks, what should an e-commerce company disable?

• A. Secure payment gateways
• B. Unnecessary services on the database server
• C. Firewall protections
• D. Password protections

Answer: (B)

Disabling unnecessary services on the database server is an effective strategy to mitigate ongoing Denial of Service (DoS) attacks. By reducing the number of active services, the attack surface is minimized, which means there's less opportunity for attackers to exploit vulnerabilities. This can also free up system resources that can be redirected towards handling legitimate traffic, thus maintaining service availability for genuine users.

In the context of DoS attacks, typically an attacker aims to overwhelm a system with excessive requests. If unnecessary services are running, they could consume valuable resources and facilitate the DoS attack further. By shutting down these services, the company can enhance the overall stability and robustness of the system and improve its ability to respond to actual legitimate requests.

The other options involve critical components of the e-commerce operation. Secure payment gateways are essential for processing transactions safely, firewall protections are crucial for blocking unauthorized access, and password protections ensure that user accounts remain secure from unauthorized access. Disabling these would expose the company to greater risks and weaken its overall security posture.