What action should network administrators take concerning ping functionality?

Disabling ping functionality for external users is an effective way to improve security, as it prevents potential attackers from using ping requests to probe and identify live systems on the network. This practice mitigates risks associated with reconnaissance attacks, where adversaries gather information about the network to identify vulnerabilities. By blocking ping responses from external sources, network administrators can reduce the attack surface and make it harder for attackers to ascertain which devices are active.

While enabling ping for all users may seem beneficial for troubleshooting or network performance monitoring, it exposes the network to unnecessary risk. Similarly, only enabling it during maintenance periods would not provide a comprehensive solution, as it could lead to errors or oversight in controlling access. Keeping ping enabled but closely monitoring its usage may provide some visibility into potential issues but does not adequately address the security implications of allowing external probing. Therefore, disabling ping functionality for external users is a proactive measure in safeguarding the network.