What type of DoS attack occurs when an attacker exploits weaknesses in programming source code?

The correct choice is the application layer. This type of Denial of Service (DoS) attack specifically targets the application layer of the OSI model, which is where applications and services interact with users and other systems. By exploiting vulnerabilities in programming source code—such as flaws in how the application processes requests or manages resources—an attacker can cause the application to crash or become unresponsive to legitimate users.

For example, if an application has a buffer overflow vulnerability, an attacker might send specially crafted input that causes the application to exceed its memory limits. This not only disrupts the service for legitimate users but can also lead to unauthorized access if the vulnerability is severe enough.

Understanding this distinction is crucial for incident handlers, as it guides the strategies they must employ to defend against specific attacks based on their targets. The other types of attacks mentioned don't specifically focus on exploiting programming weaknesses in applications. Protocol attacks target the network protocols themselves, volumetric attacks overwhelm system resources with excessive traffic, and permanent attacks imply more complex scenarios that typically involve irreversible damage rather than just leveraging weaknesses in code.