CompTIA
N10-005 · Question #771
N10-005 Question #771: Real Exam Question with Answer & Explanation
The correct answer is D: Evil twin. An evil twin attack involves setting up a fraudulent wireless access point with the same SSID as a legitimate network to lure users into connecting to it.
Question
Ann, a user, connects to her company's secured wireless network in the conference room when attending meetings. While using the conference room this morning, Ann notices an unsecured wireless network with the same name is available. Ann connects her laptop to this network instead of to the secured one. Ann has fallen victim to which of the following threats?
Options
- ARogue access point
- BARP poisoning
- CReplay attack
- DEvil twin
Explanation
An evil twin attack involves setting up a fraudulent wireless access point with the same SSID as a legitimate network to lure users into connecting to it.
Common mistakes.
- A. A rogue access point is an unauthorized AP added to a network without admin approval, but it does not necessarily mimic an existing SSID - the defining characteristic here is the SSID duplication.
- B. ARP poisoning is a Layer 2 attack where an attacker sends forged ARP replies to associate their MAC address with a legitimate IP, which is unrelated to wireless SSID spoofing.
- C. A replay attack involves capturing and retransmitting valid authentication credentials or packets to gain unauthorized access, which is not what is described in this scenario.
Concept tested. Evil twin wireless attack SSID spoofing
Reference. https://www.cisco.com/c/en/us/products/security/what-is-an-evil-twin-attack.html
Community Discussion
No community discussion yet for this question.