What type of server is known to listen to compromised endpoints and issue attack commands?

The correct answer is a Command and Control server. This type of server plays a crucial role in many cyber attack scenarios, particularly in the context of botnets. After a system has been compromised, typically by malicious software (malware), it connects back to the Command and Control server operated by the attacker. The server issues commands to the infected devices, directing them to perform actions such as launching attacks on other systems, exfiltrating data, or further propagation of the malware.

Command and Control servers can be utilized for various malicious activities, including stealing information, enabling remote access, or coordinating efforts of multiple compromised devices. This centralized control allows attackers to efficiently exploit the capabilities of the network of compromised endpoints.

The other options do not fit this role as precisely. A bot refers to the individual compromised endpoint that executes the commands received from the Command and Control server. A web server generally serves web content and does not manage malicious commands for compromised devices. Directory services are primarily used for managing user access and authentication within a network environment, rather than for controlling compromised systems.