CompTIA Security+ SY0-601 – Question651

A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization's accounts. The engineer sees there was a change in the IP address for a vendor website one week earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?


A.
Man-in-the-middle
B. Spear-phishing
C. Evil twin
D. DNS poisoning

Correct Answer: D