312-50V11 · Question #994
Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the
The correct answer is B. Wireless network assessment. A wireless network assessment specifically targets the security of wireless infrastructure, including detection of rogue access points and evaluation of authentication mechanisms like WEP or WPA.
Question
Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by johnson in the above scenario?
Options
- AHost-based assessment
- BWireless network assessment
- CApplication assessment
- DDistributed assessment
How the community answered
(30 responses)- B90% (27)
- C7% (2)
- D3% (1)
Why each option
A wireless network assessment specifically targets the security of wireless infrastructure, including detection of rogue access points and evaluation of authentication mechanisms like WEP or WPA.
A host-based assessment focuses on the configuration and vulnerabilities of individual computing hosts, not wireless network infrastructure or authentication protocols.
A wireless network assessment evaluates the security posture of an organization's wireless environment, covering rogue access points, encryption weaknesses, and authentication vulnerabilities. The scenario involves a rogue AP, cracking of wireless authentication, and testing for outdated wireless security protocols, which all fall squarely within the scope of a wireless network assessment.
An application assessment examines software applications for vulnerabilities such as injection flaws or insecure APIs, which is unrelated to the wireless intrusion scenario described.
A distributed assessment evaluates security across geographically dispersed network segments or systems and does not specifically address wireless authentication weaknesses.
Concept tested: Wireless network vulnerability assessment scope
Source: https://www.nist.gov/publications/guide-securing-legacy-ieee-80211-wireless-networks
Topics
Community Discussion
No community discussion yet for this question.