Cybersecurity: DoS and DDoS Attacks

Questions and Answers

What is the primary goal of a DoS attack?

• To make a network service unavailable (correct)
• To infiltrate the network and spread malware
• To redirect traffic to a malicious site
• To steal sensitive data from the server

How does a DDoS attack differ from a DoS attack?

• DDoS attacks are easier to mitigate than DoS attacks.
• DoS attacks can only affect websites whereas DDoS attacks can target any network.
• DDoS attacks utilize a botnet to launch a distributed traffic assault. (correct)
• DDoS attacks originate from a single source while DoS attacks come from multiple locations.

What could potentially happen to a website under a DoS attack?

• The website may crash or become unresponsive. (correct)
• The website will redirect users to another page.
• The website will successfully filter out all requests.
• The website may become faster due to increased traffic.

Which of the following is a method to prevent DoS attacks?

Utilizing rate-limiting techniques (A)

What is a common source of traffic in a DDoS attack?

A network of compromised devices, or botnet (B)

Which factor contributes to the difficulty in mitigating DDoS attacks?

The distributed nature of the attack across many devices (D)

What is one potential impact of both DoS and DDoS attacks on an organization?

Loss of revenue due to service downtime (D)

What type of tools are generally needed to defend against DDoS attacks?

Specialized anti-DDoS services and advanced traffic analysis tools (D)

Flashcards

DoS Attack

A cyberattack that makes a network service unavailable by overwhelming it with traffic or exploiting system vulnerabilities.

DDoS Attack

A more powerful DoS attack using multiple sources (like a botnet) to overwhelm a server.

Botnet

A network of compromised devices controlled by an attacker to carry out attacks, like DDoS.

DoS Attack - Single Source

A DoS attack originating from one computer or server.

DDoS Attack - Multi-Source

A DDoS attack originating from multiple devices.

Network Service Outage

Temporary or permanent unavailability of a network service due to attack.

Rate Limiting

Technique to control the rate of requests to prevent server overload.

Firewall

Security system that blocks unauthorized access. A part of defence against attacks.

Anti-DDoS Service

Specialized service to protect servers from DDoS attacks.

Study Notes

Denial of Service (DoS) Attacks

• Definition: A cyberattack aimed at making a network service unavailable by overwhelming it with traffic or exploiting vulnerabilities.
• Mechanism: Attacker sends excessive requests to a server, causing it to crash or become unresponsive.
• Example: Flooding a website with millions of requests.
• Impact: Website downtime, slowdowns, or crashes.

Distributed Denial of Service (DDoS) Attacks

• Definition: A sophisticated DoS attack where traffic originates from multiple sources, typically a network of compromised devices (botnet).
• Mechanism: Attacker uses a botnet to send massive requests to the target server.
• Example: Using thousands or even millions of infected IoT devices to overwhelm a website.
• Impact: Significant disruption to online services, loss of revenue, and damage to reputation.

Key Differences: DoS vs. DDoS

• DoS: Single source, one computer/server.
• DDoS: Multiple sources, distributed across many devices (botnet).

Mitigation Strategies

• DoS: Limiting requests from a single IP, using firewalls, and rate-limiting.
• DDoS: Specialized anti-DDoS services, cloud-based protections, and advanced traffic analysis tools to filter malicious traffic.