What defines a distributed denial-of-service (DDoS) attack?

A distributed denial-of-service (DDoS) attack is characterized by overwhelming services with excessive traffic, which can disrupt the normal functioning of targeted services or networks. This type of attack utilizes multiple compromised systems (often part of a botnet) to flood the target with a large volume of requests, making it difficult or impossible for legitimate users to access services. This results in a denial of service to legitimate users.

It is important to recognize that DDoS attacks aim specifically at exhausting network bandwidth, server resources, or application-level resources, thereby leading to service unavailability. The focus is on the scale and distribution of the attack, where multiple systems work in concert to amplify the impact on a single target.

In contrast, other mentioned choices do not accurately capture the essence of a DDoS attack. For instance, targeting a single device does not embody the 'distributed' nature of DDoS, enhancing server performance does not align with the disruptive goal of such attacks, and securing networks against intrusions is the opposite of the purpose of a DDoS attack. DDoS attacks are malicious in intent, aimed at rendering services unavailable to legitimate users.