Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses
to a single port. Which of the following wireless attacks would this address?
A.
Interference
B.
Man-in-the-middle
C.
ARP poisoning
D.
Rogue access point
Explanation:
MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access
control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to
each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists.
In this question, a rogue access point would need to be able to connect to the network to provide access to network resources. If the MAC address of the rogue
access point isn’t allowed to connect to the network port, then the rogue access point will not be able to connect to the network.
Incorrect Answers:
A: There can be many sources of interference to network communications especially in wireless networks. However, limiting the MAC addresses that can connect
to a network port will not prevent interference. Therefore, this answer is incorrect.
B: In cryptography and computer security, a man-in-the-middle attack is an attack where the attacker secretly relays and possibly alters the communication
between two parties who believe they are directly communicating with each other. One example is active eavesdropping, in which the attacker makes independent
connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in
fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all relevant messages passing between the two victims and inject
new ones. This is straightforward in many circumstances; for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert
himself as a man-in-the-middle. Limiting the MAC addresses that can connect to a network port is not used to prevent man-in-the-middle attacks. Therefore, this
answer is incorrect.
C: Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks
an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets. This modifies the layer -Ethernet MAC address into
the hacker’s known MAC address to monitor it. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker’s computer
first instead of sending it to the original destination. As a result, both the user’s data and privacy are compromised. An effective ARP poisoning attempt is
undetectable to the user.
ARP poisoning is also known as ARP cache poisoning or ARP poison routing (APR). Limiting the MAC addresses that can connect to a network port is not used to
prevent ARP poisoning. Therefore, this answer is incorrect.http://en.wikipedia.org/wiki/MAC_filtering
http://www.techopedia.com/definition/27471/address-resolution-protocol-poisoning-arp- poisoning