CompTIA Security+ (SY0-601) — Question 368

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?

Answer options

Correct answer: A

Explanation

This scenario describes a DDoS (distributed denial-of-service) attack, in which multiple compromised systems flood a network with traffic, making it difficult to block all malicious sources. Blocking one source IP address, as the analyst did, does not stop traffic arriving from the many other source addresses. The other options, such as privilege escalation, DNS poisoning, and buffer overflow, are different types of security threats that do not involve overwhelming network traffic from numerous IP addresses.