In order to acquire credentials of a valid user on a public hotspot network, what attacks may be conducted? Choose the single completely correct answer.
MAC denial of service and/or physical theft
Social engineering and/or eavesdropping
Authentication cracking and/or RF DoS
Code injection and/or XSS
RF DoS and/or physical theft
Correct answer: B
Question 2
What WLAN client device behavior is exploited by an attacker during a hijacking attack?
After the initial association and 4-way handshake, client stations and access points do not need to perform another 4-way handshake, even if connectivity is lost.
Client drivers scan for and connect to access point in the 2.4 GHz band before scanning the 5 GHz band.
When the RF signal between a client and an access point is disrupted for more than a few seconds, the client device will attempt to associate to an access point with better signal quality.
When the RF signal between a client and an access point is lost, the client will not seek to reassociate with another access point until the 120 second hold down timer has expired.
As specified by the Wi-Fi Alliance, clients using Open System authentication must allow direct client-to-client connections, even in an infrastructure BSS.
Correct answer: C
Question 3
What software and hardware tools are used in the process performed to hijack a wireless station from the authorized wireless network onto an unauthorized wireless network?
A low-gain patch antenna and terminal emulation software
MAC spoofing software and MAC DoS software
RF jamming device and a wireless radio card
A wireless workgroup bridge and a protocol analyzer