Man-in-the-Middle (MITM)

MITM intercepts communications between two parties to steal or alter data.

Updated: 2026-03-05

Definition

A MITM attack occurs when an attacker positions themselves between two communicating parties to eavesdrop or modify traffic.

Examples include rogue Wi-Fi, ARP spoofing, and DNS spoofing.

Key points

Targets confidentiality and integrity
TLS helps prevent many MITM attacks
Network segmentation reduces attack surface

Common mistakes

Assuming encryption at rest prevents MITM (need TLS in transit).
Trusting unknown Wi-Fi networks without protection.

Related exams

CompTIA Security+ (SY0-701)

Free Security+ SY0-701 mini test. Continue in the app for offline packs and detailed explanations.

CompTIA Network+ (N10-009)

Free Network+ N10-009 mini test. Continue in the app for offline packs and detailed explanations.

Related terms

Want to practice this in exam-style questions?

Use the mini tests on each exam page, then continue in the app for offline packs and detailed explanations.