I have just completed Domain 1: Security Principles and there was 1 practice question I got wrong:
Understand why Ransomware can be an Availability attack, but can anyone help explain why DDoS is not an Availability attack? From my understanding DOS attacks basically spam a server with traffic to make it crash and prevent availability of data for legitimate users?
Thank you very much
It's not a fantastic question, but often ISC2 are looking for the most correct answer. In this case ransomware directly targets data, whereas a DDoS overloads infrastructure.