A DDoS (Distributed Denial of Service) attack uses multiple systems to overwhelm a target with traffic, leading to its crash. In contrast, DoS involves a single source, while phishing and spoofing are different types of attacks.

The primary goal of a man-in-the-middle (MITM) attack is intercepting and altering communications between two parties without their knowledge, allowing the attacker to manipulate the data being exchanged.

A Trojan is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, Trojans do not replicate themselves but can cause significant harm once activated.

Nessus is a widely used vulnerability scanner that identifies known vulnerabilities in a network. In contrast, Nmap is a network mapper, Wireshark is a packet analyzer, and NetFlow is a network traffic analysis tool.

Role-Based Access Control (RBAC) is based on the principle of least privilege, allowing users to access only the resources necessary for their role, thereby minimizing potential security risks.

The primary purpose of network segmentation is to separate different types of data and systems, enhancing security and performance by isolating traffic and reducing the risk of data breaches.

Access control is specifically designed to ensure that only authorized users can access resources, making it the correct choice. Preventive, detective, and corrective controls serve different purposes in security management.