What does a man-in-the-middle attack typically aim to accomplish?

A man-in-the-middle attack primarily aims to capture sensitive data exchanged between two parties. This type of attack occurs when a malicious actor intercepts communications between two entities, such as two users or a user and a server, without either party being aware of the interception. The attacker can then eavesdrop on the communications or even modify the data being sent or received.

The primary goal of this interception is to obtain sensitive information, such as login credentials, credit card numbers, or personal information, which can then be exploited for various malicious purposes. This highlights the importance of securing communications using encryption protocols, such as TLS, which make it significantly more difficult for an attacker to successfully perform a man-in-the-middle attack.

In contrast, other options represent different types of attacks or techniques that are not central to the essence of a man-in-the-middle attack. Disruption of communication may occur as a secondary effect but does not capture the fundamental aim of this type of attack. Injecting malicious code pertains more to application vulnerabilities rather than the intercepting aspect of a man-in-the-middle attack. Unauthorized access to network devices relates to exploiting vulnerabilities directly within the devices rather than intercepting communications between users. Therefore, capturing sensitive data is the key objective that defines man-in-the