Ethical Hacking Essentials Practice Test

In the context of network security and hacking, when a hacker alters data during transmission, it reflects an active approach to manipulating the data flow in order to gain unauthorized access or exploit sensitive information. This is classified as an active attack.

Active attacks involve direct interaction with the data as it is being transmitted, which can include actions such as interception, modification, insertion of false data, or replaying validated messages. The goal of these attacks is typically to disrupt the service, gain unauthorized access, or otherwise negatively affect the integrity of the communication process.

On the other hand, passive attacks involve monitoring data transmission without altering it; they focus on gathering information without the knowledge of the parties involved. Insider attacks usually refer to threats that originate from within an organization, where individuals with authorized access exploit their credentials. Social engineering attacks manipulate people into divulging confidential information, rather than manipulating data as it transmits. These scenarios do not involve altering data transmission itself, which reinforces why active attacks are the correct classification for the situation described.