A distributed denial-of-service (DDoS) attack causes spikes in network traffic as multiple systems attempt to connect to a server and deplete the target’s resources.

An Address Resolution Protocol (ARP) poisoning attack attempts to mislead systems about the source media access control (MAC) address.

A Domain Name System (DNS) poisoning attack attempts to redirect web browsers to malicious URLs.

In a domain hijacking attack, an attacker changes a domain name registration without permission from the owner.

CPU usage averaging 98 percent indicates resource exhaustion. The scenario doesn’t indicate the cause of the increased usage, so resource exhaustion is the best answer.

A distributed denial-of-service (DDoS) attack could cause this. However, a surge in traffic from an effective marketing campaign sent via email could also cause a surge in resource usage.

A buffer overflow attack is a type of DDoS attack, but the scenario doesn’t give enough information to indicate a buffer overflow attack has taken place.

The scenario only mentions CPU usage, so there isn’t any indication of a memory leak.

The message indicates a potential man-in-the-middle (MITM) attack, which is also known as an on-path attack. Specifically, it indicates that the key on the host system has changed, which may be due to the administrator connecting to the MITM system instead of the target system.

None of the other answers are related to incorrect cryptographic keys. A rogue access point is an unauthorized wireless access point.

Media access control (MAC) flooding is an attack on a switch, attempting to overload it with different MAC addresses.

An Address Resolution Protocol (ARP) poisoning attack misleads computers or switches about a system’s actual MAC address.

Domain Name System (DNS) logs will record DNS queries, such as what hostnames it resolved to IP addresses. The log entries would show all the domains that Homer visited during the day. One of these is most likely the one that downloaded malware onto his system.

A web server would show activity on the web server, but you wouldn’t have access to web servers controlled by others.

Homer didn’t open any email, so the mail server logs wouldn’t help.

PowerShell logs may show activity, but only if the malware used PowerShell. However, the PowerShell logs are unlikely to show who ran PowerShell scripts.

Buffer overflow attacks often cause an application to crash and expose system memory. Attackers then write malicious code into the exposed memory and use different techniques to get the system to run this code. None of the other attacks insert malicious code into memory.

An Address Resolution Protocol (ARP) poisoning attack attempts to mislead systems about the source media access control (MAC) address.

Privilege escalation techniques attempt to give an attacker more rights and permissions.

In a replay attack, the attacker intercepts data and typically attempts to use the intercepted data to impersonate a user or system.

You should display a generic error message but log detailed information on the error.

Detailed error messages to the user are often confusing to them and give attackers information they can use against the system.

Logging generic information makes it more difficult to troubleshoot the problem later.

At a minimum, input validation should be performed on the server-side.

Client-side validation can be combined with server-side validation, but attackers can bypass client-side input validation if it is used alone.

Normalization techniques organize tables and columns in a database to reduce redundant data but have nothing to do with input validation.

Memory management is a secure coding technique that helps prevent memory errors.