Security Beginner

What is DDoS (Distributed Denial of Service)?

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

DDoS attacks use thousands of compromised devices (botnets) to generate massive traffic volumes. Types include volumetric attacks (flood bandwidth), protocol attacks (exploit protocol weaknesses), and application layer attacks (target specific services).

Mitigation includes CDN/DDoS protection services (Cloudflare, AWS Shield), rate limiting, geo-blocking, traffic analysis, and over-provisioning. DDoS attacks are common and can target any internet-facing service. Protection should be part of every production architecture.

Learn More About This Topic

SOC Analyst Fundamentals

Related reading

SOC Analyst Advanced: Incident Response & Forensics

Related reading

Ethical Hacking & Penetration Testing

Related reading

Related Terms

An attack where malicious SQL code is inserted into application queries through user input to access or manipulate the database.

SIEM (Security Information and Event Management)

A platform that collects, correlates, and analyzes security events from across an organization to detect threats and incidents.

Cryptographic Key Management

The practices and procedures for generating, storing, distributing, rotating, and revoking encryption keys securely.

Security Hardening

The process of reducing a system's attack surface by disabling unnecessary services, applying patches, and configuring security controls.

Content Security Policy (CSP)

An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.

A technique that controls the number of requests a client can make to a server within a specified time period.

View All Security Terms →