1. Based on the "Mitigating a Fallacy" rules: Executing ____________________ on victim == executing an attack
2. The man-in-the-middle attack (often abbreviated MitM, also known as a bucket brigade attack, or sometimes Janus attack) in cryptography and computer security is a form of active ____________________ in which the attacker makes independent connections with the victims and ____________________ messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
3. The attacker must be able to ____________________ all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point can insert himself as a man-in-the-middle).
4. A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other; it is an attack on mutual ____________________ (or lack thereof). Most ____________________ protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL can authenticate one or both parties using a mutually trusted certification authority.
5. Various defenses against MITM attacks use authentication techniques that are based on the ____________________ key infrastructures.
6. Stronger mutual authentication, such as: Secret ____________________ (which are usually high information entropy secrets, and thus more secure), or Passwords (which are usually low information entropy secrets, and thus less secure).