ISC² Post Assessment Practice Test 2025 – Your All-in-One Guide to Exam Success!

A Distributed Denial of Service (DDoS) attack is designed to overwhelm a service, such as a website or online application, by flooding it with an enormous amount of traffic. This excessive load exceeds the service’s capacity to handle requests, resulting in degraded performance or complete unavailability. DDoS attacks often leverage multiple compromised systems to amplify the scale of the attack, demonstrating both the sophistication and potential impact of this type of threat.

In contrast, spoofing involves impersonating another entity, which does not focus on service availability. Phishing schemes trick users into divulging sensitive information by masquerading as legitimate communications, but they do not primarily aim to disrupt services. A man-in-the-middle attack focuses on intercepting and altering communication between two parties rather than overwhelming a service. Thus, DDoS distinctly addresses the aspect of making a service unreachable, solidifying its classification as a threat aimed explicitly at service unavailability.