A user contacts the help desk to report the following:
Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested. The user was able to access the Internet but had trouble accessing the department share until the next day. The user is now getting notifications from the bank about unauthorized transactions.
Which of the following attack vectors was MOST likely used in this scenario?
A. Rogue access point
B. Evil twin
C. DNS poisoning
D. ARP poisoning
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
the significant difference between a rogue access point and an evil twin – is that evil twins are set up to perfectly mimic existing access points with the explicit intention to trick users. Rogue access points aren’t specifically made to clone access
The correct answer to this is evil twin.
An evil twin uses the same name as the corporate wireless SSID but is in fact an access point that may allow access to the internet with a goal of gathering information and is not actuall connected to your network.
A rogue access point is an access point that some one such as a sale person has connected to your network without authorization. Potentially bypassing any security and firewall services in place.