I am trying to understand the wp-cron system better.

I have recently had instances of my server resources being used up, throwing 503 errors, and on investigation this always appeared to happen during a scheduled cron from a plugin or theme. Now, I know the native system in wordpress calls the wp-cron.php file every time a page loads (and I know that a better way to run crons is to get the server at timed intervals), but my question is this:

If a bot is attacking the wp-cron.php file accessing it over and over,
if it happens that a scheduled cron job is called into action, if that
cron job doesn’t execute by the time the bot accesses the wp-cron.php
file again, does this mean that the scheduled cron job is executed
again (and again and again) and therefore causing a spike in CPU and
RAM used?

Sorry if this is way off the mark, I just really want to understand why my site may have been getting these spikes in the past and why they always appeared to occur during a scheduled cron job.