PT0-002 · Question #546
PT0-002 Question #546: Real Exam Question with Answer & Explanation
The correct answer is B: MAC address spoofing. A Network Access Control (NAC) system typically enforces policies to allow or block devices based on certain attributes, such as MAC addresses, authentication, or compliance with security policies. In this scenario, the NAC system detected and blocked the penetration tester's lap
Question
A penetration tester gained access to a customer's internal corporate network via a wireless guest network. The penetration tester's laptop was blocked by a NAC system after several Nmap scans. Which of the following techniques would be the most effective in evading the organization's NAC system?
Options
- AUsing only UDP scans
- BMAC address spoofing
- CUsing only ICMP scans
- DUser-agent spoofing
Explanation
A Network Access Control (NAC) system typically enforces policies to allow or block devices based on certain attributes, such as MAC addresses, authentication, or compliance with security policies. In this scenario, the NAC system detected and blocked the penetration tester's laptop after detecting suspicious activity (e.g., Nmap scans). MAC address spoofing involves changing the MAC address of the tester's laptop to mimic a legitimate device already authorized on the network. This technique effectively bypasses NAC systems that rely on MAC address filtering or whitelisting to control access. By spoofing the MAC address of a trusted device, the tester can evade detection and continue testing.
Topics
Community Discussion
No community discussion yet for this question.