SY0-301 · Question #252
A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to
The correct answer is A. Spoof the MAC address of an observed wireless network client. When a technician knows nothing about a WEP-protected network, the first step is passive reconnaissance - observing wireless traffic. By monitoring the airwaves, the technician can see MAC addresses of legitimate clients already associated with the access point. Spoofing one of t
Question
A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to gather information about the configuration of the wireless network?
Options
- ASpoof the MAC address of an observed wireless network client
- BPing the access point to discover the SSID of the network
- CPerform a dictionary attack on the access point to enumerate the WEP key
- DCapture client to access point disassociation packets to replay on the local PC's loopback
How the community answered
(20 responses)- A75% (15)
- B5% (1)
- C5% (1)
- D15% (3)
Explanation
When a technician knows nothing about a WEP-protected network, the first step is passive reconnaissance - observing wireless traffic. By monitoring the airwaves, the technician can see MAC addresses of legitimate clients already associated with the access point. Spoofing one of those observed MAC addresses allows the technician to bypass MAC address filtering and gather more information about the network's configuration. Option B is incorrect because SSIDs are not discovered via ping. Option C is an active attack, not reconnaissance. Option D describes replaying disassociation packets, which would be used to force clients to re-authenticate (for capturing handshakes in WPA attacks), not for WEP information gathering.
Topics
Community Discussion
No community discussion yet for this question.