Exam 98-367 topic 1 question 2 discussion

First answer – Eavesdropping Second Answer – never send a plaintext password

Man in the middle is when Chuck is pretending to be the next expected hub and pretends to be the system or service expected by the sender, Chuck is actings as if it was that application service, but here doesn't state this, so must be Eavesdropping, just able to intercept communication

Eavesdropping - In general, the majority of network communications occur in an unsecured or "cleartext" format, which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.

In my opinion: First - Mand in the middle (MITM) - The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Second - never send a plaintext password Just to explain why first is MITM here is the definition of Eavesdropping - Eavesdropping attack, also known as sniffing or snooping attack, happens when an unauthorized party steals, modifies or deletes essential information that is transmitted between two electronic devices.

First one should be man in the middle attack.

eavesdroping never send a plaintext password

The answer is not highlighted so dose anyone know the answer.