A replay attack is defined as which of the following?

A replay attack happens when an attacker captures a valid message or data transmission and then resends it later to trick the system into treating it as fresh and legitimate. The key idea is exploiting the lack of freshness checks, so the previously valid data can be reused to gain access or perform an action again. This is distinct from downgrading cryptography, which would involve weakening the protocol itself, or from exploiting physical weaknesses like side-channel faults, or simply protecting stored data with encryption at rest. Because the scenario describes reusing captured data to impersonate a legitimate session or transaction, it matches a replay attack. To prevent this, systems use freshness mechanisms such as nonces, timestamps, challenge–response schemes, and short-lived session tokens.