312-50V13 · Question #101
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the w
The correct answer is C. A man in the middle attack. Susan is performing a man-in-the-middle (MITM) attack by intercepting, modifying, and relaying communication between her boss and the file server without their knowledge.
Question
Options
- AA sniffing attack
- BA spoofing attack
- CA man in the middle attack
- DA denial of service attack
How the community answered
(32 responses)- A6% (2)
- C91% (29)
- D3% (1)
Why each option
Susan is performing a man-in-the-middle (MITM) attack by intercepting, modifying, and relaying communication between her boss and the file server without their knowledge.
A sniffing attack involves passively monitoring network traffic, but it does not include actively intercepting, modifying, and injecting altered data, which are key components of the described scenario.
A spoofing attack involves impersonating another entity (e.g., IP spoofing, MAC spoofing), which might be part of establishing a MITM, but the complete described action of interception, modification, and relaying goes beyond just spoofing.
A man-in-the-middle (MITM) attack involves an attacker intercepting communication between two parties, relaying messages between them, and often modifying the messages in transit. The description explicitly states Susan 'intercepted his traffic,' 'changed it,' and 'placed it on the server,' perfectly matching the characteristics of a MITM attack.
A denial of service (DoS) attack aims to make a service or resource unavailable to its legitimate users, which is not what Susan is doing; she is manipulating data, not preventing access.
Concept tested: Man-in-the-middle attack
Source: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/glossary#man-in-the-middle-attack-mitm
Topics
Community Discussion
No community discussion yet for this question.