Which attack occurs when a user’s legitimate request is captured and transmitted again by the attacker?

Prepare for the Information Systems and Controls (ISC) CPA Exam. Study with flashcards and multiple-choice questions, each with hints and explanations. Get ready to excel!

A replay attack occurs when an attacker intercepts and then retransmits a legitimate user's request to a server or system. This type of attack takes advantage of the way network communications are structured, allowing the attacker to impersonate the legitimate user by reusing their credentials or session data without needing to crack any passwords or encryption.

In a replay attack, the goal is often to gain unauthorized access, perform transactions, or mimic the actions of the legitimate user, which can lead to unauthorized activities or data breaches. The attacker essentially "replays" previous valid requests, which can be particularly harmful if the requests involve sensitive operations or transactions.

In contrast, denial-of-service attacks aim to make a system unavailable to its intended users, buffer overflow attacks exploit vulnerabilities in software that processes input, and SQL injection attacks focus on manipulating SQL queries to access or alter database information. Each of these other attack types has different mechanics and goals compared to the straightforward interception and retransmission that characterize a replay attack.
