Which of the following attacks requires monitoring for unusual behavior as a preventative measure?

DDoS, or Distributed Denial of Service, attacks aim to overwhelm a network or service with excessive traffic, rendering it unavailable to legitimate users. Monitoring for unusual behavior is crucial in this context because it allows organizations to detect an increase in traffic patterns that may indicate an impending DDoS attack. Such monitoring can involve analyzing traffic volumes, identifying spikes in requests from specific IP addresses, or noticing atypical patterns that deviate from normal operations. By recognizing these anomalies early, security teams can implement mitigation strategies, such as rate limiting or traffic filtering, to reduce the impact of the attack.

Other types of attacks, such as malware, phishing, and SQL injection, typically involve different preventative measures. For example, defenses against malware concentrate on implementing endpoint protection and antivirus software, phishing prevention often revolves around user education and email filtering, while defenses against SQL injection focus on secure coding practices and input validation. While monitoring is also beneficial for these threats, DDoS specifically emphasizes the need for continuous vigilance regarding network traffic to maintain service availability.