312-50V13 Question #101: Real Exam Question with Answer & Explanation

Question

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory. What kind of attack is Susan carrying on?

Options

• AA sniffing attack
• BA spoofing attack
• CA man in the middle attack
• DA denial of service attack

Explanation

Susan is performing a man-in-the-middle (MITM) attack by intercepting, modifying, and relaying communication between her boss and the file server without their knowledge.

Common mistakes.

• A. A sniffing attack involves passively monitoring network traffic, but it does not include actively intercepting, modifying, and injecting altered data, which are key components of the described scenario.
• B. A spoofing attack involves impersonating another entity (e.g., IP spoofing, MAC spoofing), which might be part of establishing a MITM, but the complete described action of interception, modification, and relaying goes beyond just spoofing.
• D. A denial of service (DoS) attack aims to make a service or resource unavailable to its legitimate users, which is not what Susan is doing; she is manipulating data, not preventing access.

Concept tested. Man-in-the-middle attack

Reference. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/glossary#man-in-the-middle-attack-mitm

No community discussion yet for this question.