CISSP · Question #220
The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
The correct answer is C. looks like normal network activity.. DDoS attacks are particularly dangerous because the flood of traffic from multiple distributed sources mimics legitimate user behavior, making detection and mitigation difficult.
Question
The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
Options
- Aexploits weak authentication to penetrate networks.
- Bcan be detected with signature analysis.
- Clooks like normal network activity.
- Dis commonly confused with viruses or worms.
How the community answered
(34 responses)- A3% (1)
- B6% (2)
- C91% (31)
Why each option
DDoS attacks are particularly dangerous because the flood of traffic from multiple distributed sources mimics legitimate user behavior, making detection and mitigation difficult.
Exploiting weak authentication is characteristic of brute-force or credential-stuffing attacks, not DDoS attacks, which aim to exhaust resources rather than gain unauthorized access.
DDoS traffic often evades traditional signature-based detection precisely because the packets themselves may be well-formed and lack unique malicious signatures, making signature analysis insufficient as a primary detection method.
A primary characteristic of DDoS attacks is that the volumetric flood originates from thousands of distributed (often compromised) hosts, each sending individually small and seemingly legitimate requests. This distributed nature causes the aggregate attack traffic to blend in with normal network activity, making it extremely difficult to distinguish malicious packets from genuine user traffic without advanced behavioral analysis.
Viruses and worms are self-replicating malware categories distinct from DDoS attacks; while botnets used in DDoS may be spread by malware, the attack mechanism itself is not commonly confused with viruses or worms.
Concept tested: Primary characteristics and detection challenges of DDoS attacks
Source: https://www.cisa.gov/sites/default/files/publications/understanding-and-responding-to-ddos-attacks_508c.pdf
Topics
Community Discussion
No community discussion yet for this question.