Which of the following attacks would cause all mobile devices to lose their association with corporate access points while the attack is underway?
A.
Wireless jamming
B.
Evil twin
C.
Rogue AP
D.
Packet sniffing
Explanation:
When most people think of frequency jamming, what comes to mind are radio, radar and cell phone jamming. However, any communication that uses radio
frequencies can be jammed by a strong radio signal in the same frequency. In this manner, Wi-Fi may be attacked with a network jamming attack, reducing signal
quality until it becomes unusable or disconnects occur. With very similar methods, a focused and aimed signal can actually break access point hardware, as with
equipment destruction attacks.
Incorrect Answers:
B: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate
provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data
can be stolen by spying on a connection or using a phishing technique.
For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and
frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate
hotspot with the same name.
In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of
wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits. An evil twin access point would not
cause all mobile devices to lose their association with corporate access points. Therefore, this answer is incorrect.
C: A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local networkadministrator, or has been created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large
organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that
can potentially allow access to a secure network to unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual
authentication (client-server server-client) and may be used in conjunction with a rogue RADIUS server, depending on security configuration of the target network.
A rogue access point would not cause all mobile devices to lose their association with corporate access points. Therefore, this answer is incorrect.
D: Packet sniffing is the process of intercepting data as it is transmitted over a network. A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If
computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This
doesn’t generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer,
all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it
reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to
the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer.
Packet sniffing would not cause all mobile devices to lose their association with corporate access points. Therefore, this answer is incorrect.http://whatis.techtarget.com/definition/frequency-jammer http://www.techopedia.com/definition/5057/evil-twin
http://en.wikipedia.org/wiki/Rogue_access_point
http://www.techopedia.com/definition/4113/sniffer