Which of the following most likely describes the observed activity?

A company’s user accounts have been compromised. Users are also reporting that the company’s internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS.

Which of the following most likely describes the observed activity?
A . There is an issue with the SSL certificate causinq port 443 to become unavailable for HTTPS access
B . An on-path attack is being performed by someone with internal access that forces users into port 80
C . The web server cannot handle an increasing amount of HTTPS requests so it forwards users to port 80
D . An error was caused by BGP due to new rules applied over the company’s internal routers

View Answer

Answer: B

Explanation:

An on-path attack is a type of man-in-the-middle attack where an attacker intercepts and modifies network traffic between two parties. In this case, someone with internal access may be performing an on-path attack by forcing users into port 80, which is used for HTTP communication, instead of port 443, which is used for HTTPS communication. This would allow the attacker to compromise the user accounts and access the company’s internal portal.