PrepAway - Latest Free Exam Questions & Answers

This is known as:

A user has plugged in a wireless router from home with default configurations into a network jack at the
office. This is known as:

PrepAway - Latest Free Exam Questions & Answers

A.
an evil twin.

B.
an IV attack.

C.
a rogue access point.

D.
an unauthorized entry point.

Explanation:
A rogue access point is a wireless access point that should not be there. In this question, the wireless
router has been connected to the corporate network without authorization. Therefore, it is a rogue
access point.
A rogue access point is a wireless access point that has either been installed on a secure company
network without explicit authorization from a local network administrator, or has been created to allow a
hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security
threat to large organizations with many employees, because anyone with access to the premises can
install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to
a secure network to unauthorized parties. Rogue access points of the second kind target networks that do
not employ mutual authentication (client-server server-client) and may be used in conjunction with a
rogue RADIUS server, depending on security configuration of the target network.To prevent the installation of rogue access points, organizations can install wireless intrusion prevention
systems to monitor the radio spectrum for unauthorized access points.
Incorrect Answers:
A: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that
appears as a genuine hotspot offered by a legitimate provider. In this question, the wireless access point
has its default settings. It is therefore, not trying to imitate the corporate wireless network and is
therefore, not an evil twin.
B: An initialization vector is a random number used in combination with a secret key as a means to
encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an
encryption program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it
impossible for hackers who use dictionary attack to decrypt the exchanged encrypted message by
discovering a pattern. This is known as an IV attack. An unauthorized wireless access point plugged into a
network is not an IV attack. Therefore this answer is incorrect.
D: If the wireless router was providing access to the corporate network, it could be defined as an
unauthorized entry point. However, ‘rogue access point’ is a more specific term to describe the wireless
router in this question. Therefore this answer is incorrect.

http://en.wikipedia.org/wiki/Rogue_access_point
http://www.techopedia.com/definition/26858/initialization-vector


Leave a Reply