Your company's network infrastructure has begun to experience a sudden degradation in performance. You notice an unexpected flood of inbound network traffic targeting one of your externally facing servers. This traffic is coming from numerous dispersed and seemingly unrelated IP addresses. What type of attack is most likely being carried out?
The correct answer is a Distributed Denial-of-Service attack. In this type of attack, a multitude of compromised systems (often part of a botnet) targets a single system with a flood of traffic, with the intent to overwhelm it and disrupt service availability. An amplified reflection attack involves sending small queries that carry the victim's forged IP address to different servers, which in turn bombard the victim with large responses. This doesn't typically describe a situation with multiple distinct IP addresses directly flooding a server. A reflection attack is a subset of a DDoS attack but is not the same as the direct, multi-source assault described in the scenario. A SYN flood attack involves sending a flood of TCP/SYN packets, typically with a forged sender address; however, this term is more specific to the TCP handshake process and might not fully encompass the breadth implied in the scenario's description of the attack.