CompTIA CySA+ (CS0-001) — Question 172

A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website.
During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine.
Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

Answer options

• A. Transitive access
• B. Spoofing
• C. Man-in-the-middle
• D. Replay

Correct answer: C

Explanation

The correct answer is C, Man-in-the-middle, as the proxy intercepts and signs certificates to facilitate secure connections between users and websites. The other options do not accurately describe the proxy's function; transitive access refers to unauthorized access through a trusted entity, spoofing involves impersonating another entity without legitimate signing, and replay attacks involve the reuse of valid data transmissions.