CompTIA Security+ (SY0-601) — Question 766

An attacker was eavesdropping on a user who was shopping online. The attacker was able to spoof the IP address associated with the shopping site. Later, the user received an email regarding the credit card statement with unusual purchases. Which of the following attacks took place?

Answer options

• A. On-path attack
• B. Protocol poisoning
• C. Domain hijacking
• D. Bluejacking

Correct answer: A

Explanation

The correct answer is A, On-path attack, as it involves intercepting and potentially altering communications between a user and a service. The other options do not fit the scenario: Protocol poisoning pertains to manipulating network protocols, Domain hijacking refers to taking control of a domain name, and Bluejacking involves sending unsolicited messages via Bluetooth, which is unrelated to this case.