Question 272 - FC0-U61 discussion

The scenario where an online retailer experienced an outage because the server received more requests than it could handle and customers could not log in as a result is best described as a denial of service. A denial of service is a type of attack that aims to disrupt or prevent the normal functioning or availability of a system or network by overwhelming it with excessive traffic or requests. A denial of service can cause performance degradation, slowdown, or outage for the system or network and its legitimate users. A denial of service can be performed by a single attacker or a group of attackers using multiple compromised devices, which is called a distributed denial of service (DDoS). A hardware failure is not the scenario that describes the online retailer's outage, but rather a possible cause or consequence of the outage. A hardware failure is a malfunction or breakdown of a physical component of a system or network, such as a disk, a memory, a CPU, a power supply, etc. A hardware failure can cause data loss, corruption, or interruption for the system or network and its users. A hardware failure can be caused by various factors, such as wear and tear, physical damage, overheating, power surge, etc. A hardware failure can also be induced by a denial of service attack that damages the hardware by overloading it. An on-path attack is not the scenario that describes the online retailer's outage, but rather a type of network attack that involves intercepting or modifying data packets that are transmitted between two parties on a network. An on-path attack can compromise the confidentiality, integrity, or authenticity of the data or communication between the parties. An on-path attack can be performed by an attacker who has access to the same network segment or device as one of the parties, such as a router, a switch, or a hub. An on-path attack can also be performed by an attacker who tricks one of the parties into sending data to them instead of the intended destination, which is called a man-in-the-middle attack.

A social engineering attack is not the scenario that describes the online retailer's outage, but rather a type of attack that exploits human psychology and behavior to manipulate people into performing actions or revealing information that benefits the attacker. A social engineering attack can take various forms, such as phishing, vishing, baiting, quid pro quo, pretexting, or tailgating. References:

The Official CompTIA IT Fundamentals (ITF+) Student Guide (Exam FC0-U61), Chapter 7: Security Concepts