nerdexam
ExamsPT0-001Questions#52
CompTIA

PT0-001 · Question #52

PT0-001 Question #52: Real Exam Question with Answer & Explanation

The correct answer is A: Hardware vendor. Wireless sniffer output includes MAC addresses, and the first three octets identify the hardware vendor via the IEEE Organizationally Unique Identifier registry.

Reconnaissance and enumeration

Question

A penetration tester is reviewing the following output from a wireless sniffer: Which of the following can be extrapolated from the above information?

Options

  • AHardware vendor
  • BChannel interference
  • CUsernames
  • DKey strength

Explanation

Wireless sniffer output includes MAC addresses, and the first three octets identify the hardware vendor via the IEEE Organizationally Unique Identifier registry.

Common mistakes.

  • B. Channel interference analysis requires spectrum analysis tools and signal-to-noise data, not information extractable from standard wireless frame captures.
  • C. Usernames exist at the application layer and are not present in wireless layer-2 frames unless the sniffer captures and decrypts higher-layer authenticated traffic.
  • D. Encryption key strength is determined by the cipher suite negotiated during the authentication handshake and is not directly readable as a discrete value from standard sniffer output.

Concept tested. MAC address OUI hardware vendor identification from wireless capture

Reference. https://standards.ieee.org/products-services/regauth/oui/index.html

Topics

#wireless sniffing#MAC address#OUI lookup#network reconnaissance

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PT0-001 Practice