A cybercriminal group wants to disrupt the operations of a major national bank. They know the bank has strong defenses, so they launch a massive Distributed Denial of Service (DDoS) attack against the bank's internet service provider (ISP), causing outages for the bank and all other customers of that ISP.

From the bank's perspective, which term best describes this attack strategy?

A rival company wants to take down a competitor's online store during a holiday sale. They execute a ransomware attack that encrypts all of the store's website files, replacing the homepage with a ransom note. This makes the site completely unusable.

Based on its effect on the online store's operations, this attack is best described as:

An office manager is responsible for decommissioning old computers. Following company policy, they attempt to wipe the hard drives before sending them to a recycler. However, the software they use fails silently, leaving all the sensitive company data intact on the drives.

Which term best classifies the manager's action that led to this potential data breach?

A hacker sits in a coffee shop and uses sniffing software to monitor all the unencrypted Wi-Fi traffic. They are able to capture login credentials and personal messages from other customers without interfering with anyone's connection.

The hacker's monitoring of traffic, without altering it, is an example of what kind of attack?

A disgruntled employee plans to steal their company's confidential client list before they quit. On their last day, they log into the company's CRM system, download the client list to a USB drive, and delete the original files from the server to cause chaos.

How is this incident best classified in terms of action and intent?

A user receives an email that appears to be from their bank, asking them to verify their account details due to a "security update." The user clicks the link, enters their username and password on a fake website, and the attacker immediately uses these credentials to access their real bank account.

How is this phishing attack best classified?