Which of the following is a term used to describe a network of compromised computers used to perform a DDoS attack?
A. honeynet
B. black hole
C. botnet
D. sinkhole
E. honeypot
Explanation:
A botnet is a network of compromised computers, known as zombies, which can be used to send spam as well as perform Distributed Denial of Service (DDoS) attacks and Denial of Service (DoS) attacks. In addition, zombies can collect personally identifiable information (PII), such as account login information and bank account information. Zombies are controlled remotely by malicious users without the knowledge of the computer’s owner. A host can become a zombie by executing a virus or by using an operating system (OS) that does not contain the latest updates.
A honeynet is not a network of compromised computers used to perform a DDoS attack; a honeynet is a network of honeypots. A honeypot is a tool used to gather information about the attack methods used by malicious users. Honeypots, which can be composed of hardware or virtual assets, contain seemingly valuable information designed to attract malicious activities. By attracting malicious users to honeypots, administrators can analyze the methods and tools used in an attack and then use that information to protect legitimate resources.
A black hole is a traffic-filtering destination used to mitigate network-based attacks originating from a known host address or range of addresses. With black-hole traffic filtering, all traffic from an address or range of addresses is considered malicious and is routed to a black hole, typically the null interface of a router. Packets routed to the null interface are discarded without further processing by the router.
Similarly, a sinkhole is a traffic-filtering destination used to mitigate network-based attacks. With sinkhole traffic filtering, all traffic from an address or range of addresses is considered suspicious and is routed to a sinkhole, which is a device that can capture the traffic and analyze it before determining whether the traffic should be discarded.
Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/understanding-malware