Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless
network without entering their domain credentials upon connection. Once the connection is made, they cannot
reach any internal resources, while wired network connections operate smoothly. Which of the following is
MOST likely occurring?
A user has plugged in a personal access point at their desk to connect to the network wirelessly.
The company is currently experiencing an attack on their internal DNS servers.
The company’s WEP encryption has been compromised and WPA2 needs to be implemented instead.
An attacker has installed an access point nearby in an attempt to capture company information.
The question implies that users should be required to enter their domain credentials upon connection to the
wireless network. The fact that they are connecting to a wireless network without being prompted for their
domain credentials and they are unable to access network resources suggests they are connecting to a rogue
A rogue access point is a wireless access point that has either been installed on a secure company network
without explicit authorization from a local network administrator, or has been created to allow a hacker to
conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large
organizations with many employees, because anyone with access to the premises can install (maliciously or
non-maliciously) an inexpensive wireless router that can potentially allow access to a secure network to
unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual
authentication (client-server server-client) and may be used in conjunction with a rogue RADIUS server,
depending on security configuration of the target network.
To prevent the installation of rogue access points, organizations can install wireless intrusion prevention
systems to monitor the radio spectrum for unauthorized access points.