According to the CEH Denial-of-Service (DoS/DDoS) module, application-layer DDoS attacks specifically target services such as HTTP, HTTPS, DNS, or APIs by sending requests that appear legitimate but overwhelm server resources.
An HTTP flood attack sends a massive number of HTTP GET or POST requests, consuming CPU, memory, and application threads. CEH highlights that these attacks are particularly dangerous because they:
Mimic normal user behavior
Are difficult to distinguish from legitimate traffic
Bypass traditional network-layer defenses
Option A is correct.
Options B, C, and D operate primarily at the network or transport layers, not the application layer.
CEH stresses that HTTP floods are among the most challenging DDoS attacks to mitigate due to their stealthy nature.
