PT0-002 · Question #556
PT0-002 Question #556: Real Exam Question with Answer & Explanation
The correct answer is C: Aircrack-ng suite. The Aircrack-ng suite is a collection of tools specifically designed for wireless penetration testing. It includes tools for capturing and analyzing wireless traffic, cracking WEP/WPA/WPA2 keys, and auditing Wi-Fi networks. The specific tool in the suite, Airodump-ng, is used to
Question
A security analyst is conducting a wireless penetration test on a corporate network. The goal is to capture and analyze handshakes between wireless clients and the access point. Which of the following tools would be the most appropriate for the analyst to use?
Options
- AAmplified antenna
- BEvil twin
- CAircrack-ng suite
- DCaptive portal
Explanation
The Aircrack-ng suite is a collection of tools specifically designed for wireless penetration testing. It includes tools for capturing and analyzing wireless traffic, cracking WEP/WPA/WPA2 keys, and auditing Wi-Fi networks. The specific tool in the suite, Airodump-ng, is used to capture the four- way handshake between a wireless client and the access point (AP). This handshake can later be analyzed or cracked to retrieve the pre-shared key (PSK). Steps typically include: 1. Using Airodump-ng to capture the wireless handshake traffic. 2. Triggering a deauthentication attack (e.g., using Aireplay-ng) to force clients to reconnect to the AP, ensuring a handshake is captured. 3. Analyzing the captured handshake with tools like Aircrack-ng to test password strength.
Topics
Community Discussion
No community discussion yet for this question.