B. Recommendations:
This attack on university was DDos attack. However, the attack initiated from the inside network. Following are the recommend defensive measures to counter such type of attack.
1. Prevent systems from installation of attack tools:
The attacker was able to install attacking software on many lab computers. These computers (secondary victims) were then participated in this DDoS attack. One of the precautionary steps that can be taken to prevent such type of attack is preventing installation of distributed attack tools. An antivirus or antiTrojan should be installed. The university needs to proactive scan and test systems on the network to find installed attacking software (daemons and/or masters) in the internal network (EC-Council, 2010, p.29).
2. Load balancing:
The university needs to implement load balancing which would mitigate a DDoS attack and improve normal performance as well. They should advance in and maintain the computers that can be positioned into service quickly in the event that the registration server or other services server is disabled (hot spares) (cert.org, 1997).
3. Throttling:
When an attack is being carried out, throttling will prevent servers from going down. This will throttle incoming traffic such that number and load of requests for the service will be safe for the server (princeton.edu, 2004).

Deflect Attacks:
They can intentionally set up systems with limited security, which is called Honeypots, to be an invitation for an attack. This Honeypots serves to deflect attacks from reaching the real protected systems. In addition, this system will help the network administrator of the University to learn and record software tools and types of attacks the attacker is using (princeton.edu, 2004).
4. Detect or Prevent Potential Attacks:
They need to establish and implement a number of policies to help in