CompTIA Security+ (SY0-601) — Question 6
A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the following describes this attack?
Answer options
- A. On-path
- B. Domain hijacking
- C. DNS poisoning
- D. Evil twin
Correct answer: C
Explanation
The certificate mismatch warning suggests that the user is being directed to an incorrect server, which is consistent with DNS poisoning. This attack alters DNS records to redirect traffic to malicious sites; the server the user reaches then cannot present a certificate matching the requested hostname, which leads to certificate errors. The other options do not adequately explain the certificate issue; for instance, 'On-path' refers to interception, while 'Evil twin' involves rogue Wi-Fi access points, neither of which directly causes a certificate mismatch.