Master the CompTIA Network+ Exam. Prepare with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your certification!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.


What type of attack refers to capturing and manipulating the data between two parties in a network session?

  1. Denial of Service

  2. On-path attack

  3. Phishing attack

  4. Brute Force Attack

The correct answer is: On-path attack

The type of attack that involves capturing and manipulating the data between two parties in a network session is known as an on-path attack. This form of attack allows an adversary to intercept communication between the two legitimate participants, enabling them to read, alter, or inject data without being detected. In a typical on-path attack scenario, the attacker positions themselves between the sender and the receiver—hence the term "on-path." By doing so, they can manipulate the information being exchanged, which can lead to serious security breaches, such as data theft or unauthorized commands being executed. While other types of attacks listed have their particular characteristics, they do not involve the same method of intercepting and manipulating data during an active session. Denial of Service targets availability by overwhelming a service, phishing focuses on deceiving individuals to acquire sensitive information, and brute force attacks are about guessing passwords to gain unauthorized access. Therefore, when discussing the interception and manipulation of data in transit, the key term is indeed on-path attack.