Upon investigating a report of a web server becoming unavailable, the security analyst finds that the web server??s access log has the same log entry millions of times: 147.186.119.200 - - [28/Jul/2023:12:04:13 -0300] "GET /login/ HTTP/1.0" 200 3733
What kind of attack is occurring?
Correct Answer:
A
The log entry showing the same request repeated millions of times indicates aDenial of Service (DoS) Attack, where the server is overwhelmed by a flood of requests to a specific resource, in this case, the/login/page. This type of attack is aimed at making the server unavailable to legitimate users by exhausting its resources.
✑ Denial of Service Attack:
✑ Incorrect Options:
✑ Web Server Security:Understanding DoS attacks is critical for securing web servers and mitigating these types of disruptions.
What is the main difference between a DDoS and a DoS attack?
Correct Answer:
C
The primary difference between a Distributed Denial of Service (DDoS) attack and a Denial of Service (DoS) attack is in the source of the attack. ADDoSattack involves multiple compromised systems (often part of a botnet) attacking a single target, overwhelming it with traffic or requests. In contrast, aDoSattack typically involves a single source attacking the target. The goal of both attacks is to make a service unavailable, but DDoS attacks are usually more difficult to defend against because of their distributed nature.