nerdexam
CompTIA

SY0-301 · Question #252

A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to

The correct answer is A. Spoof the MAC address of an observed wireless network client. When a technician knows nothing about a WEP-protected network, the first step is passive reconnaissance - observing wireless traffic. By monitoring the airwaves, the technician can see MAC addresses of legitimate clients already associated with the access point. Spoofing one of t

Threats, vulnerabilities, and mitigations

Question

A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to gather information about the configuration of the wireless network?

Options

  • ASpoof the MAC address of an observed wireless network client
  • BPing the access point to discover the SSID of the network
  • CPerform a dictionary attack on the access point to enumerate the WEP key
  • DCapture client to access point disassociation packets to replay on the local PC's loopback

How the community answered

(20 responses)
  • A
    75% (15)
  • B
    5% (1)
  • C
    5% (1)
  • D
    15% (3)

Explanation

When a technician knows nothing about a WEP-protected network, the first step is passive reconnaissance - observing wireless traffic. By monitoring the airwaves, the technician can see MAC addresses of legitimate clients already associated with the access point. Spoofing one of those observed MAC addresses allows the technician to bypass MAC address filtering and gather more information about the network's configuration. Option B is incorrect because SSIDs are not discovered via ping. Option C is an active attack, not reconnaissance. Option D describes replaying disassociation packets, which would be used to force clients to re-authenticate (for capturing handshakes in WPA attacks), not for WEP information gathering.

Topics

#WEP#MAC spoofing#wireless reconnaissance#wireless security

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice