Which of the following best describes a DDoS attack?

A Distributed Denial of Service (DDoS) attack aims to render a machine or network resource unavailable to its intended users. This is typically achieved by overwhelming the target with a flood of traffic from multiple compromised sources, making it difficult or impossible for legitimate users to access the service. The purpose of a DDoS attack is to disrupt normal operations, often causing considerable downtime and impacting the target's ability to function.

The other options describe different types of cybersecurity threats. Unauthorized access to sensitive data refers to breaches and hacking incidents, while infecting a system with malicious software pertains to the spread of malware. Exfiltrating data for financial gain is related to data theft, which is another form of malicious activity. However, these do not involve the denial of service aspect that characterizes a DDoS attack.