A disruption attack primarily focuses on which of the following actions?

A disruption attack is fundamentally concerned with affecting the availability and performance of systems or networks. It aims to interrupt or degrade the normal functioning of services, thereby impacting the ability for legitimate users to access those services.

Focusing on the correct action, degrading the performance of a network aligns perfectly with the essence of a disruption attack. This type of attack can manifest in various forms, such as denial-of-service (DoS) attacks, which flood a network or server with excessive traffic, making it slow or entirely unresponsive to legitimate users.

The other described actions do not relate to disruption attacks. Accessing unauthorized data pertains more to confidentiality breaches, tampering with hardware or software before installation relates to integrity violations, and encrypting sensitive information often ties into data protection or ransomware scenarios. Only the degradation of performance directly corresponds to a disruption in services, making it the accurate focus of a disruption attack.