SY0-301 · Question #354
Which of the following means of wireless authentication is easily vulnerable to spoofing?
The correct answer is A. MAC Filtering. MAC address filtering is trivially bypassed because MAC addresses are transmitted in plaintext and can be captured and cloned. An attacker can spoof a whitelisted MAC address using freely available tools.
Question
Which of the following means of wireless authentication is easily vulnerable to spoofing?
Options
- AMAC Filtering
- BWPA - LEAP
- CWPA - PEAP
- DEnabled SSID
How the community answered
(21 responses)- A90% (19)
- B5% (1)
- D5% (1)
Why each option
MAC address filtering is trivially bypassed because MAC addresses are transmitted in plaintext and can be captured and cloned. An attacker can spoof a whitelisted MAC address using freely available tools.
MAC addresses are broadcast unencrypted in every 802.11 frame, so an attacker can use a wireless packet analyzer to capture a valid, authorized MAC address and then configure their own adapter to impersonate it. Because the access point only checks the hardware address and not a cryptographic credential, spoofing bypasses the control entirely.
WPA-LEAP uses a challenge-response mechanism and while it has known weaknesses to dictionary attacks, it is not specifically described as 'easily' spoofed in the same trivial sense as MAC addresses.
WPA-PEAP tunnels authentication inside TLS, providing strong mutual authentication that is not easily spoofed.
Enabling SSID broadcast makes the network discoverable but is a visibility setting, not an authentication mechanism, so it is not relevant to spoofing authentication.
Concept tested: MAC address spoofing vulnerability in wireless auth
Source: https://owasp.org/www-community/attacks/MAC_Spoofing
Topics
Community Discussion
No community discussion yet for this question.