Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless
network without entering their domain credentials upon connection. Once the connection is made, they
cannot reach any internal resources, while wired network connections operate smoothly. Which of the
following is MOST likely occurring?

A.
A user has plugged in a personal access point at their desk to connect to the network wirelessly.

B.
The company is currently experiencing an attack on their internal DNS servers.

C.
The company’s WEP encryption has been compromised and WPA2 needs to be implemented instead.

D.
An attacker has installed an access point nearby in an attempt to capture company information.

Explanation:
The question implies that users should be required to enter their domain credentials upon connection to
the wireless network. The fact that they are connecting to a wireless network without being prompted for
their domain credentials and they are unable to access network resources suggests they are connecting
to a rogue wireless network.A rogue access point is a wireless access point that has either been installed on a secure company
network without explicit authorization from a local network administrator, or has been created to allow a
hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security
threat to large organizations with many employees, because anyone with access to the premises can
install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to
a secure network to unauthorized parties. Rogue access points of the second kind target networks that do
not employ mutual authentication (client-server server-client) and may be used in conjunction with a
rogue RADIUS server, depending on security configuration of the target network.
To prevent the installation of rogue access points, organizations can install wireless intrusion prevention
systems to monitor the radio spectrum for unauthorized access points.
Incorrect Answers:
A: A personal access point would not have the same SSID as the corporate wireless network. Therefore,
other network computers would not attempt to connect to the personal access point.
B: This is not a DNS issue. The users are able to connect to the rogue access point without entering their
domain credentials. If the DNS system was compromised, the users would not be able to connect to the
wireless network.
C: WEP encryption is considered to be very weak in terms of security and WPA2 is recommended.
However, compromised WEP encryption would not cause the symptoms described in this question.

http://en.wikipedia.org/wiki/Rogue_access_point