New RBI Grade B 2025 Notification will come Soon! Enroll Here

    Question

    Which attack type specifically targets application-layer

    protocols like HTTP, DNS, and SMTP?
    A Brute Force Attack Correct Answer Incorrect Answer
    B Distributed Denial-of-Service (DDoS) Correct Answer Incorrect Answer
    C Injection Attack Correct Answer Incorrect Answer
    D Cross-Site Scripting (XSS) Correct Answer Incorrect Answer
    E Cross-Site Request Forgery (CSRF) Correct Answer Incorrect Answer

    Solution

    A DDoS attack overwhelms an application or server by flooding it with a high volume of requests, often targeting application-layer protocols such as HTTP (web requests), DNS (domain resolution), and SMTP (email services). Application-layer DDoS attacks are difficult to detect because they mimic legitimate user traffic, exhausting server resources.

    1. Impact: It disrupts services, leading to downtime, loss of business, and customer dissatisfaction.
    2. Prevention: Mitigation involves using rate limiting, traffic filtering, and DDoS protection services like Cloudflare or AWS Shield.
    Why Other Options Are Incorrect:
    • Brute Force Attack: Attempts to crack passwords or keys, not overwhelm protocols.
    • Injection Attack: Exploits database queries, not application-layer protocol overload.
    • XSS: Targets client-side browsers, not server-layer protocols.
    • CSRF: Exploits session trust, unrelated to flooding servers.

    Practice Next