Exam CS0-003 topic 1 question 7 discussion

The fact that the company's internal portal is sometimes accessible through HTTP (port 80) and other times through HTTPS (port 443) suggests that someone with internal access is actively manipulating the network traffic. An on-path attack is a type of man-in-the-middle attack where an attacker intercepts and modifies communication between two parties. By forcing users into using HTTP instead of HTTPS, the attacker can potentially capture sensitive information transmitted over the network, such as login credentials or session data. An issue with the SSL certificate (Option A) would generally result in HTTPS not working at all, rather than it being intermittently accessible. A web server unable to handle an increasing amount of HTTPS requests (Option C) would likely result in performance issues or server errors, but it wouldn't selectively redirect users to HTTP. BGP (Border Gateway Protocol) is used for routing between autonomous systems on the internet, and it generally would not cause the internal portal to switch between HTTP and HTTPS. It is more relevant to external internet routing.

In this scenario, users are experiencing inconsistent access to the company's internal portal, sometimes accessing it through HTTP and other times through HTTPS, which suggests that someone with internal access is performing an on-path attack, manipulating network traffic to force users into using port 80 (HTTP) instead of port 443 (HTTPS). This explanation aligns with the observed behavior of inconsistent access to the internal portal and indicates a potential security threat that should be investigated further.

An on-path attack is being performed by someone with internal access that forces the user into port 80.

B. An on-path attack is being performed by someone with internal access that forces users into port 80

The answer is B. An on-path attack is being performed by someone with internal access that forces users into port 80.

The observed activity most likely corresponds to: B. An on-path attack is being performed by someone with internal access that forces users into port 80. Explanation: The situation where users sometimes access the company's internal portal via HTTP (port 80) instead of HTTPS (port 443) suggests that there may be an active attacker within the internal network, performing a man-in-the-middle (MITM) or on-path attack.