Which attack technique involves an attacker intercepting and potentially modifying the communication between two parties without their knowledge?
This attack allows the attacker to intercept and alter communications between two parties.
Why this answer
A man-in-the-middle (MITM) attack is correct because it specifically involves an attacker secretly intercepting and potentially altering communications between two parties who believe they are directly communicating with each other. This is achieved by the attacker inserting themselves into the communication path, often by ARP spoofing, DNS spoofing, or rogue access points, allowing them to capture, decrypt, or modify packets in transit.
Exam trap
The trap here is that candidates often confuse a replay attack with a MITM attack because both involve capturing traffic, but a replay attack only retransmits captured data without real-time interception or modification of the ongoing session.
How to eliminate wrong answers
Option B (Replay attack) is wrong because a replay attack involves capturing a valid data transmission and retransmitting it later to trick the receiver, but it does not involve intercepting and modifying live communication between two parties in real time. Option C (Smurf attack) is wrong because a Smurf attack is a distributed denial-of-service (DDoS) technique that floods a target with ICMP echo replies by spoofing the victim's IP address and sending pings to a broadcast address, not intercepting or modifying communications between two parties.