What is the name of the cyber attack in which an attacker overwhelms a web…

2024

What is the name of the cyber attack in which an attacker overwhelms a web server by sending a very large number of HTTP requests?

  1. A.

    Packet Sniffing

  2. B.

    HTTP Flooding

  3. C.

    DNS Spoofing

  4. D.

    Session Hijacking

  5. E.

    Port Scanning

Attempted by 50 students.

Show answer & explanation

Correct answer: B

Correct answer: HTTP Flooding.

An HTTP flood is an application-layer (Layer 7) Denial-of-Service / DDoS attack. The attacker sends a very large number of seemingly legitimate HTTP GET or POST requests to a target web server. Because each request forces the server to allocate resources (handling the request, querying a database, building a response), a flood of such requests exhausts the server's CPU, memory, and connection capacity until it can no longer serve genuine users.

These requests look like ordinary browser traffic, which makes an HTTP flood harder to filter than a simple network-layer flood. Such attacks are often launched from a botnet so that the requests arrive from many different IP addresses at once.

Why the others are wrong: Packet sniffing only passively captures traffic to read it; DNS spoofing corrupts DNS resolution to redirect users to a fake address; session hijacking steals an authenticated user's session token to impersonate them; and port scanning merely probes which ports/services are open. None of these floods a server with HTTP requests, so HTTP Flooding is the only correct choice.

Explore the full course: Up Police Computer Operator