This question aligns with CHFI v11 objectives underNetwork and Web Attacks, specifically the classification and identification ofexternal threatstargeting organizational networks. External attacks originateoutside the organization’s trusted boundaryand are carried out by threat actors who do not have legitimate internal access. CHFI v11 highlights that recognizing the nature of such attacks is essential for incident detection, response, and forensic investigation.

Distributed Denial of Service (DDoS) attacksare a classic example of external attacks, where attackers overwhelm network resources with massive traffic volumes to disrupt availability. These attacks often originate from botnets distributed across the internet.Phishing attacksare another common external threat, involving deceptive emails or messages designed to trick users into revealing credentials, clicking malicious links, or downloading malware. The scenario described—customers reporting suspicious login attempts and pop-ups—strongly aligns with phishing and externally driven compromise attempts.

Software bugs are internal technical issues, insider threats originate from within the organization, and while ransomware is a type of malware, the option pairing encryption and ransomware is too broad and not explicitly external. Therefore, consistent with CHFI v11 classifications,DDoS attacks and phishingare clear examples of external attacks that pose serious threats to corporate networks.