A penetration tester is performing an assessment for an organization and must gather valid user credentials. Which of the following attacks would be best for the tester to use to achieve this objective?
* Deauthentication attacks can force legitimate users to disconnect from a wireless network, prompting them to reconnect and, in the process, capture valid user credentials using a rogue access point or network monitoring tools.
* Details:
A . Wardriving: Involves driving around to discover wireless networks; it does not directly gather user credentials.
B . Captive portal: Requires users to log in but is not an attack method; it is a legitimate method to control network access.
C . Deauthentication: Forces users to reauthenticate, allowing an attacker to capture credentials during the reconnection process.
D . Impersonation: Involves pretending to be someone else to gain access but is less effective for directly capturing user credentials compared to deauthentication.
* Reference: Deauthentication attacks are well-documented in wireless security assessments and penetration testing guides.
Helaine
3 months agoGretchen
3 months agoLauryn
4 months agoSabina
3 months agoLillian
3 months agoDan
3 months agoCarey
4 months agoRikki
3 months agoKing
3 months agoLindsay
3 months agoCarla
3 months agoErnie
4 months agoBrett
4 months agoDetra
4 months agoWava
4 months agoGladys
4 months agoKimberlie
4 months agoTammy
4 months agoBrett
4 months ago