The correct answer is A. Passive attack because the activity described involves monitoring and capturing information without altering data, system resources, or communications. In CEH-aligned information security concepts, passive attacks are defined by the attacker’s goal of eavesdropping— observing traffic to collect intelligence such as usernames/passwords, session identifiers, network patterns, or sensitive content—while making minimal changes that would trigger detection. The scenario explicitly states that the actor is “silently capturing clear-text credentials” and “analyzing unencrypted traffic,” and that “no modifications have been made to the data.” These are signature indicators of passive attacks such as packet sniffing and traffic analysis.
On an internal Wi-Fi network, passive attacks are particularly effective when encryption is weak or absent, or when users access services that transmit credentials in clear text. An attacker can capture packets and reconstruct sensitive information, especially where legacy protocols or misconfigurations exist. Because passive attackers do not need to inject or modify packets, they often avoid generating anomalies such as retransmissions, spoofed responses, or unexpected routing changes—helping them remain undetected, consistent with the prompt.
Why the other options do not fit: Distribution attack is not the standard classification for this behavior and does not specifically describe silent observation of traffic. Close-in attack refers to attacks that depend on physical proximity (e.g., shoulder surfing, physical tapping, local interception near the target). While Wi-Fi sniffing can require proximity, the defining characteristic in the question is the non-invasive observation with no data modification—i.e., passive attack. Insider attack relates to the attacker’s identity/role (a trusted internal person), which is not established here; the scenario only describes behavior, not who the actor is.
Therefore, the described credential capture and traffic analysis without modification most clearly indicates a passive attack.
Submit