CompTIA Security+ (SY0-501) — Question 951

A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website. During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine.
Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

Answer options

• A. Transitive access
• B. Spoofing
• C. Man-in-the-middle
• D. Replay

Correct answer: C

Explanation

The correct answer is C, Man-in-the-middle, as the proxy is intercepting and signing certificates to facilitate secure communication, which is a legitimate function in some environments. Option A, Transitive access, does not apply here as it refers to unauthorized access rather than certificate handling. Option B, Spoofing, is incorrect because it involves impersonating another entity, while the proxy is functioning within its authorized role. Option D, Replay, involves capturing and retransmitting data without alteration, which is not relevant to the situation described.