nerdexam
CompTIA

SY0-301 · Question #354

Which of the following means of wireless authentication is easily vulnerable to spoofing?

The correct answer is A. MAC Filtering. MAC address filtering is trivially bypassed because MAC addresses are transmitted in plaintext and can be captured and cloned. An attacker can spoof a whitelisted MAC address using freely available tools.

Threats, vulnerabilities, and mitigations

Question

Which of the following means of wireless authentication is easily vulnerable to spoofing?

Options

  • AMAC Filtering
  • BWPA - LEAP
  • CWPA - PEAP
  • DEnabled SSID

How the community answered

(21 responses)
  • A
    90% (19)
  • B
    5% (1)
  • D
    5% (1)

Why each option

MAC address filtering is trivially bypassed because MAC addresses are transmitted in plaintext and can be captured and cloned. An attacker can spoof a whitelisted MAC address using freely available tools.

AMAC FilteringCorrect

MAC addresses are broadcast unencrypted in every 802.11 frame, so an attacker can use a wireless packet analyzer to capture a valid, authorized MAC address and then configure their own adapter to impersonate it. Because the access point only checks the hardware address and not a cryptographic credential, spoofing bypasses the control entirely.

BWPA - LEAP

WPA-LEAP uses a challenge-response mechanism and while it has known weaknesses to dictionary attacks, it is not specifically described as 'easily' spoofed in the same trivial sense as MAC addresses.

CWPA - PEAP

WPA-PEAP tunnels authentication inside TLS, providing strong mutual authentication that is not easily spoofed.

DEnabled SSID

Enabling SSID broadcast makes the network discoverable but is a visibility setting, not an authentication mechanism, so it is not relevant to spoofing authentication.

Concept tested: MAC address spoofing vulnerability in wireless auth

Source: https://owasp.org/www-community/attacks/MAC_Spoofing

Topics

#MAC filtering#MAC spoofing#wireless authentication#authentication bypass

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice