Home › B.Tech Cyber Security › cybersecurity › Network Security › A MAN-IN-THE-MIDDLE (MITM) attack happens when
A MAN-IN-THE-MIDDLE (MITM) attack happens when
Aattacker sits between two parties
Bthe server crashes during request
Cthe network has unusually high latency
Dtwo different users share the same username
Answer & Solution
Correct answer: A. attacker sits between two parties
1. MITM: attacker positions themselves between two parties and intercepts/relays/modifies the traffic.
2. COMMON SCENARIOS:
• Rogue Wi-Fi access points (evil twin) on public networks.
• ARP spoofing on a LAN — attacker poisons ARP tables so traffic flows through them.
• DNS spoofing — attacker forges DNS responses to redirect to a malicious server.
• Compromised certificate authority issuing fraudulent certs.
3. DEFENSE:
• TLS with proper CERTIFICATE VALIDATION (defeats most MITM).
• HSTS (HTTP Strict Transport Security) prevents downgrade attacks.
• Certificate pinning in mobile apps.
4. Other options describe unrelated phenomena.
_Source: NIST SP 800-12 + RFC 7457 (Summarizing Known Attacks on TLS)._
Related questions
A SIEM (Security Information and Event Management) system primarilyA WEB APPLICATION FIREWALL (WAF) sits at which layer of the network?ARP SPOOFING (or ARP poisoning) lets an attacker on a LANWPA3 isA ZERO-TRUST network architecture is based on the principleDDoS (Distributed Denial of Service) differs from DoS in thatDNSSEC adds which security property to DNS?A SYN FLOOD attack works by