CASP+ CAS-003 – Question 281


An organization’s network security administrator has been using an SSH connection to manage switches and routers for several years. After attempting to connect to a router, an alert appears on the terminal emulation software, warning that the SSH key has changed. After confirming the administrator is using the typical workstation and the router has not been replaced, which of the following are the MOST likely explanations
for the warning message? (Choose two.).

A. The SSH keys were given to another department.
B. A MITM attack is being performed by an APT.
C. The terminal emulator does not support SHA-256.
D. An incorrect username or password was entered.
E. A key rotation has occurred as a result of an incident.
F. The workstation is not syncing with the correct NTP server.

Correct Answer: B