1. A user is connecting to your website from a public Wi-Fi network. Explain the security implications of this scenario and the protective measures in place, specifically addressing the following two parts:
Part 1: Man-in-the-Middle Attack Explanation (Approx. 40% of total points)
Explain in detail what a Man-in-the-Middle (MitM) attack is. Your explanation should cover:
- The attacker's objective.
- How an attacker typically positions themselves (e.g., ARP spoofing, rogue Wi-Fi access points) to intercept traffic on a public network.
- What kind of information an attacker can gain if the connection is unencrypted.
Part 2: HTTPS (TLS/SSL) Prevention Mechanism (Approx. 60% of total points)
Describe precisely how HTTPS, utilizing TLS/SSL, prevents an attacker on the same public Wi-Fi network from reading or modifying the traffic between the user's browser and your server. Your explanation must include:
- The role of encryption (symmetric and asymmetric) in securing the communication.
- The function of digital certificates and Certificate Authorities (CAs) in verifying server identity and preventing impersonation.
- The key steps involved in the TLS/SSL handshake process relevant to establishing a secure and trusted connection.
- How message integrity is ensured against modification attempts.