A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data.
Historically, this setup has worked without issue, but the researcher recently started getting the following message:
Which of the following network attacks Is the researcher MOST likely experiencing?
A . MAC cloning
B . Evil twin
C . Man-in-the-middle
D . ARP poisoning
Answer: C
Explanation:
This is alarming because it could actually mean that you’re connecting to a different server without knowing it. If this new server is malicious then it would be able to view all data sent to and from your connection, which could be used by whoever set up the server. This is called a man-in-the-middle attack. This scenario is exactly what the "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" message is trying to warn you about.