KT-NET ARP spoofing

Users report SSL warnings only on the office Wi-Fi, not VPN. Suspected cause?

Multiple choice — select one answer

Answer choices

  1. a. Routine Windows patch Tuesday reboot affecting laptops temporarily, without security or identity team coordination per policy.
  2. b. Misconfigured SPF records for the company's marketing email domain, without security or identity team coordination per policy.
  3. c. Expired corporate code-signing certificate on the domain controllers only, without security or identity team coordination per policy.
  4. d. On-path attacker performing ARP spoofing or rogue AP with malicious certificate

Architectural breakdown & explanation

Wi-Fi-only cert warnings may indicate MITM on local LAN.

Correct answer(s): d. On-path attacker performing ARP spoofing or rogue AP with malicious certificate

Exam domain: ARP spoofing (17% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Network Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.