312-50V12 · Question #299
312-50V12 Question #299: Real Exam Question with Answer & Explanation
The correct answer is C: Downgrade security attack. The attack describes an attacker forcing a victim's device to connect using a less secure WPA2 protocol, despite WPA3 being available, to facilitate cracking the encryption.
Question
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?
Options
- ACache-based attack
- BTiming-based attack
- CDowngrade security attack
- DSide-channel attack
Explanation
The attack describes an attacker forcing a victim's device to connect using a less secure WPA2 protocol, despite WPA3 being available, to facilitate cracking the encryption.
Common mistakes.
- A. A cache-based attack exploits vulnerabilities related to a processor's cache memory to infer sensitive information, which is unrelated to manipulating network protocol negotiation.
- B. A timing-based attack infers sensitive data by measuring the time taken for certain operations to complete, which is not the method described for forcing a protocol downgrade.
- D. A side-channel attack extracts information from the physical implementation of a system (e.g., power consumption or electromagnetic emissions), rather than directly forcing a less secure cryptographic protocol.
Concept tested. Wi-Fi protocol downgrade attack
Topics
Community Discussion
No community discussion yet for this question.