A company's web server has crashed due to a surge of false requests. What type of attack is this indicative of?

The indicator of a web server crashing due to a surge of false requests points directly to a denial-of-service (DoS) attack. In a denial-of-service attack, the attacker overwhelms the system with excessive requests, aiming to exhaust its resources and render it unable to handle legitimate user requests. This is consistent with the scenario described, where the server cannot manage the influx of fake requests, leading to a crash.

In contrast, spoofing involves impersonating another device or user to gain unauthorized access, which does not inherently result in server crashes but rather in misuse of access. Piggybacking refers to unauthorized access through legitimate credentials or by following authorized users, which poses different risks but also does not align with the symptoms of the server crash. Eavesdropping attacks focus on intercepting and listening to communications without permission, which is unrelated to performance issues such as a system crash. Thus, the characteristics of a denial-of-service attack clearly align with the symptoms presented in the question.