What type of attack involves redirecting a user from a legitimate site to a malicious one?

The correct answer relates to DNS Spoofing, which is a type of attack that alters the resolution of domain names. In this attack, the attacker manipulates the DNS (Domain Name System) resolution process so that when a user attempts to access a legitimate website, they are redirected to a malicious site instead. This can be done by corrupting the DNS cache or poisoning it with incorrect IP mappings.

By using DNS Spoofing, attackers can effectively impersonate a legitimate website, potentially leading users to provide sensitive information like passwords or financial details, thereby making it a significant security threat.

Phishing, while similar in its intent to deceive users, typically involves a direct request for information through emails or messages that appear to be from legitimate sources, rather than manipulating DNS records. DDoS attacks focus on overwhelming a system with traffic, and SQL Injection exploits vulnerabilities in database queries to manipulate data, neither of which involve redirecting users from one site to another. Therefore, DNS Spoofing is the most accurate answer in this context, as it directly involves the redirection process central to the question.