Session hijacking (stealing active user sessions).
HTTPS spoofing (tricking users into thinking they are on a secure website).
Why Other Options Are Incorrect:
A. The perpetrator is able to delete data on the network without physical access to the device – Incorrect.
This describes a remote cyberattack, such as malware or ransomware, rather than MITM, which focuses on data interception.
B. The perpetrator is able to exploit network activities for unapproved purposes – Incorrect.
This is too broad and could refer to insider threats, malware, or privilege escalation attacks, rather than specifically MITM.
D. The perpetrator is able to disable default security controls and introduce additional vulnerabilities – Incorrect.
This describes a system exploitation attack, such as a rootkit or backdoor installation, not an MITM attack.
IIA’s Perspective on Cybersecurity and IT Risk Management:
IIA Standard 2110 – Governance requires organizations to implement cybersecurity controls to mitigate risks like MITM attacks.
IIA GTAG (Global Technology Audit Guide) on Cybersecurity Risks advises organizations to use encryption (e.g., TLS, VPNs) to protect data in transit.
NIST Cybersecurity Framework recommends multi-factor authentication (MFA) and secure protocols to prevent MITM attacks.
IIA References:
IIA Standard 2110 – IT Security and Cyber Risk Governance
IIA GTAG – Cybersecurity Controls and Threat Mitigation
NIST Cybersecurity Framework – Secure Data Transmission
Thus, the correct and verified answer is C. The perpetrator is able to take over control of data communication in transit and replace traffic.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit