Ann, the network administrator, has learned from the helpdesk that employees are accessing the
wireless network without entering their domain credentials upon connection. Once the connection
is made, they cannot reach any internal resources, while wired network connections operate
smoothly. Which of the following is MOST likely occurring?
A.
A user has plugged in a personal access point at their desk to connect to the network
wirelessly.
B.
The company is currently experiencing an attack on their internal DNS servers.
C.
The company’s WEP encryption has been compromised and WPA2 needs to be implemented
instead.
D.
An attacker has installed an access point nearby in an attempt to capture company information.
Explanation:
The question implies that users should be required to enter their domain credentials upon
connection to the wireless network. The fact that they are connecting to a wireless network without
being prompted for their domain credentials and they are unable to access network resources
suggests they are connecting to a rogue wireless network.
A rogue access point is a wireless access point that has either been installed on a secure
company network without explicit authorization from a local network administrator, or has been
created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first
kind can pose a security threat to large organizations with many employees, because anyone with
access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router
that can potentially allow access to a secure network to unauthorized parties. Rogue access pointsof the second kind target networks that do not employ mutual authentication (client-server serverclient) and may be used in conjunction with a rogue RADIUS server, depending on security
configuration of the target network.
To prevent the installation of rogue access points, organizations can install wireless intrusion
prevention systems to monitor the radio spectrum for unauthorized access points.