CERTIFIED-IN-CYBERSECURITY · Question #186
CERTIFIED-IN-CYBERSECURITY Question #186: Real Exam Question with Answer & Explanation
The correct answer is C: An attack that attempts to intercept the communication between two devices in order to modify. An attack that attempts to place themselves between two devices, often between a web browser and a web server, to intercept or modify information that is intended for one or both of the endpoints (see ISC2 Study Guide, Module 2, under Types of Threats). On-path attacks are passiv
Question
What is an 'on-path' attack?
Options
- AAn attack with the goal of gaining access to a target system through the use of a falsified identity
- BAn attack involving numerous unsuspecting secondary victim systems
- CAn attack that attempts to intercept the communication between two devices in order to modify
- DA passive, noninvasive attack to observe the operation of a device
Explanation
An attack that attempts to place themselves between two devices, often between a web browser and a web server, to intercept or modify information that is intended for one or both of the endpoints (see ISC2 Study Guide, Module 2, under Types of Threats). On-path attacks are passive attacks, meaning they do not involve any direct interaction with the target system. They also differ from distributed denial of service (DDoS) attacks, which involve numerous unsuspecting secondary victim systems. The primary goal of an on-path attack is to gain access to a target system by impersonating a legitimate user or device.
Topics
Community Discussion
No community discussion yet for this question.