SY0-301 · Question #497
Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?
The correct answer is B. Evil twin. An evil twin attack involves setting up a fraudulent WAP that mimics a legitimate one by broadcasting the same SSID to intercept communications from unsuspecting mobile users.
Question
Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?
Options
- AIV attack
- BEvil twin
- CWar driving
- DRogue access point
How the community answered
(40 responses)- A5% (2)
- B93% (37)
- C3% (1)
Why each option
An evil twin attack involves setting up a fraudulent WAP that mimics a legitimate one by broadcasting the same SSID to intercept communications from unsuspecting mobile users.
An IV (Initialization Vector) attack targets the weak IV implementation in WEP encryption to crack the encryption key and does not involve impersonating an access point.
An evil twin attack creates a rogue access point that broadcasts the same SSID as a legitimate WAP, causing mobile devices to connect to the attacker-controlled network instead of the genuine one. Once connected, the attacker can perform man-in-the-middle attacks to capture credentials, session tokens, and sensitive data from users who believe they are on a trusted network.
War driving is the act of scanning for available wireless networks while in motion and does not involve setting up or impersonating any access point.
A rogue access point is an unauthorized AP connected to a network without permission, but it does not specifically impersonate an existing legitimate WAP the way an evil twin does.
Concept tested: Evil twin wireless attack impersonating a legitimate WAP
Source: https://www.cisa.gov/sites/default/files/publications/understanding_wireless_attacks_and_detection.pdf
Topics
Community Discussion
No community discussion yet for this question.