Certified Secure Software Lifecycle Professional (CSSLP) — Question 40

Which of the following types of attacks occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts?

Answer options

• A. Denial-of-service attack
• B. Dictionary attack
• C. Man-in-the-middle attack
• D. Password guessing attack

Correct answer: C

Explanation

The correct answer is C, the Man-in-the-middle attack, as it specifically involves an attacker inserting themselves between two parties in a communication stream. The other options do not describe this scenario: A denial-of-service attack disrupts service availability, a dictionary attack involves password cracking using pre-defined lists, and a password guessing attack entails attempting various passwords to gain access.