Bill works at ABC Company’s help desk. Around lunch time, Bill gets a call asking for the password of network user S0NDRA. Bill gives the caller some erroneous information about user S0NDRA, and immediately contacts ABC Company’s security department about a social engineering attack. Bill is trained to recognize S0NDRA as a red alert, but how does Bill know that a social engineering attack is in progress?

A.
ABC Company uses IEEE 802.1X/EAP-TTLS as their wireless security protocol for user authentication, and EAP-TTLS uses an "anonymous" user name outside the TLS tunnel. In this case, the anonymous user is named S0NDRA, and it can be seen in clear text on a wireless protocol analyzer.

B.
ABC Company uses FakeAP as a protection mechanism against hackers. FakeAP is a utility that transmits thousands of fake management frames that can confuse hackers. S0NDRA has been configured as a fake user name in these management frames and can be seen on a wireless protocol analyzer.

C.
ABC Company uses IEEE 802.1X/PEAP-EAP-TLS as their wireless security protocol for user authentication, and PEAP has a programmable integrated intrusion detection mechanism currently named S0NDRA. This intrusion mechanism is picked up, in clear text, on wireless protocol analyzers as a user name.

D.
ABC Company uses IPSec VPNs to secure their wireless LAN. IPSec VPNs use an "anonymous" name field during the authentication process when using digital certificates. The network administrator has configured all wireless client stations to use S0NDRA in the anonymous name field so that wireless protocol analyzers will mistakenly think it is a real user name.