CompTIA Security+ (SY0-501) — Question 456

Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

Answer options

• A. Spear phishing
• B. Main-in-the-middle
• C. URL hijacking
• D. Transitive access

Correct answer: B

Explanation

The correct answer is B, Man-in-the-middle, as it specifically refers to an attack where a third party intercepts and possibly alters communications between two parties without their awareness. Option A, Spear phishing, involves targeted phishing attempts and does not describe interception. Option C, URL hijacking, relates to redirecting users to fraudulent sites, while D, Transitive access, involves unauthorized access through a trusted relationship, which does not match the described scenario.