A system administrator observes unusually high traffic to a public web server, with traffic originating from thousands of IP addresses worldwide. The server becomes unresponsive during peak hours.
What kind of attack is likely happening?

After a new device connects to the network, users complain that they cannot access the internet. A network engineer finds two DHCP servers on the same subnet, and one is giving incorrect default gateways.
What type of threat is this?

Users report being redirected to fake login pages, even though they typed in the correct website URLs.
The DNS server logs show altered records.
Which attack is this?

An attacker gains access to a public Wi-Fi network and begins capturing unencrypted data between users and websites.
Which attack type does this describe?

A user clicks a link in an email that looks like it came from the help desk. It redirects to a realistic-looking login page. After entering credentials, they realize it was fake.
What type of attack occurred?

An attacker spoofs an IP address to impersonate a trusted device and bypass firewall rules.
What is this technique called?