What is a man-in-the-middle attack and how is it prevented?

A man-in-the-middle attack occurs when an attacker secretly intercepts and potentially alters communication between two parties who believe they are communicating directly. The attacker can eavesdrop on sensitive data, modify messages, or inject malicious content. Common techniques include ARP spoofing on local networks, DNS spoofing, and rogue wireless access points. Prevention measures include using TLS and HTTPS for encrypted communications, implementing certificate pinning, deploying network monitoring for ARP anomalies, and using mutual authentication.