ExpertEasy1 markMultiple Choice
CPA · Question 52 · Area II: Security
Which of the following attacks involves an attacker intercepting communication between two parties and relaying messages between them?
Which of the following attacks involves an attacker intercepting communication between two parties and relaying messages between them?
Answer options:
A.
Denial of Service (DoS)
B.
Man-in-the-Middle (MitM)
C.
SQL Injection
D.
Phishing
How to approach this question
Identify the 'eavesdropper' scenario.
Full Answer
B.Man-in-the-Middle (MitM)✓ Correct
A Man-in-the-Middle (MitM) attack occurs when an attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
Common mistakes
Confusing MitM with DoS.
Practice the full CPA ISC Practice Exam 3
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud-based s...MediumQ02During a review of a client's cloud governance structure, an auditor notes that the client uses a...MediumQ03An auditor is evaluating the 'Processing Integrity' principle for a financial institution's loan ...HardQ04A company uses a batch processing system to update inventory records overnight. The 'Grandfather-...HardQ05During a walkthrough of the change management process, an auditor observes that the 'Developer' r...Medium