nerdexam
ExamsSY0-301Questions#179
CompTIA

SY0-301 · Question #179

SY0-301 Question #179: Real Exam Question with Answer & Explanation

The correct answer is B: MAC filtering. MAC filtering allows only pre-approved MAC addresses to connect to a wireless network. However, MAC addresses are transmitted in plaintext in 802.11 frames and are trivially observable by any nearby device in monitor mode. An attacker can sniff the air, observe an authorized MAC

Question

Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?

Options

  • AWEP
  • BMAC filtering
  • CDisabled SSID broadcast
  • DTKIP

Explanation

MAC filtering allows only pre-approved MAC addresses to connect to a wireless network. However, MAC addresses are transmitted in plaintext in 802.11 frames and are trivially observable by any nearby device in monitor mode. An attacker can sniff the air, observe an authorized MAC address, and then spoof (change) their own NIC's MAC address to match - bypassing the filter entirely. WEP is defeated by IV (initialization vector) statistical attacks, not NIC spoofing. Disabled SSID broadcast is defeated by passive sniffing of probe responses. TKIP has cryptographic vulnerabilities unrelated to NIC properties.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice