A penetration tester uses a tool to capture and analyze unencrypted authentication traffic on a network. What vulnerability is being exploited?

  1. Unencrypted protocol usage ✓
  2. Weak password policy
  3. Missing multi-factor authentication
  4. Absence of network segmentation

Correct answer: Unencrypted protocol usage

Option A is correct because capturing cleartext authentication credentials is only possible when the protocol in use does not encrypt the session, such as telnet, FTP, or basic HTTP, making unencrypted protocol usage the root vulnerability being demonstrated. Option B is incorrect because a weak password policy describes credential strength, not why credentials are visible on the wire. Option C is incorrect because the absence of multi-factor authentication is a separate control gap; even with MFA, the credential being transmitted in cleartext is the direct vulnerability exploited by passive sniffing. Option D is incorrect because network segmentation limits attacker reach but does not prevent credential exposure once the attacker is on the same segment; the underlying issue remains the lack of transport encryption.

Topic: Security Operations · network sniffing, cleartext protocols, credential exposure, penetration testing

Practice CompTIA Security+ (SY0-701) Questions Free