An employee reports an error when visiting a website using SSL, and a message is displayed warning of an invalid certificate. Which of the following could be occurring?
A. Phishing
B. DDoS
C. Evil twin
D. MITM
E. OCSP stapling
Exam N10-008: CompTIA Network+Free dumps for N10-008 in PDF format.High quality N10-008 PDF and software. VALID exam to help you pass. |
C. is the answer here. The chances of grabbing unencrypted info is pretty low since every browser pretty much forces HTTPS so the only other way to steal credentials would be to set up a fake website login page.
https://security.stackexchange.com/questions/153214/redirect-a-user-to-a-trap-page-using-evil-twin
Answer is MITM
By elimination we can rule out 1st 3 and ocsp uses TLS so answer is MITM
I think that OCSP stapling might be the “red Herring” answer here. I think that the main focus is that the Evil Twin, has caused the invalid certificate message to pop up, because of the fact that the Evil twin caused OCSP stapling to fail.
I don’t think this has anything to do with any of the first 4 attack answers, specially nothing to do with Evil twin as that is for wireless
An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.
I think the answer should be E. OCSP stapling
OCSP stapling is an alternative approach to the original Online Certificate Status Protocol (OCSP) for determining whether an SSL certificate is valid or not. … This allows the web server to check the validity of it’s certificates and eliminates the need for the client to contact the certificate authority
https://www.google.com/search?sxsrf=ALeKk00c9X9Tw9qMUpBy2fic2ObvJh16Eg:1597455295096&q=How+does+OCSP+stapling+work%3F&sa=X&ved=2ahUKEwirkaLbiJzrAhUFRqwKHQo4BfUQzmd6BAgQEAw&biw=1286&bih=916
100% agree with everything you’re saying, but the question never said whether it was wired/wireless network.