nerdexam
CompTIA

SY0-301 · Question #497

Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?

The correct answer is B. Evil twin. An evil twin attack involves setting up a fraudulent WAP that mimics a legitimate one by broadcasting the same SSID to intercept communications from unsuspecting mobile users.

Threats, vulnerabilities, and mitigations

Question

Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?

Options

  • AIV attack
  • BEvil twin
  • CWar driving
  • DRogue access point

How the community answered

(40 responses)
  • A
    5% (2)
  • B
    93% (37)
  • C
    3% (1)

Why each option

An evil twin attack involves setting up a fraudulent WAP that mimics a legitimate one by broadcasting the same SSID to intercept communications from unsuspecting mobile users.

AIV attack

An IV (Initialization Vector) attack targets the weak IV implementation in WEP encryption to crack the encryption key and does not involve impersonating an access point.

BEvil twinCorrect

An evil twin attack creates a rogue access point that broadcasts the same SSID as a legitimate WAP, causing mobile devices to connect to the attacker-controlled network instead of the genuine one. Once connected, the attacker can perform man-in-the-middle attacks to capture credentials, session tokens, and sensitive data from users who believe they are on a trusted network.

CWar driving

War driving is the act of scanning for available wireless networks while in motion and does not involve setting up or impersonating any access point.

DRogue access point

A rogue access point is an unauthorized AP connected to a network without permission, but it does not specifically impersonate an existing legitimate WAP the way an evil twin does.

Concept tested: Evil twin wireless attack impersonating a legitimate WAP

Source: https://www.cisa.gov/sites/default/files/publications/understanding_wireless_attacks_and_detection.pdf

Topics

#evil twin#wireless attack#WAP impersonation#man-in-the-middle

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice