CompTIA PenTest+ (PT0-001) — Question 138

A penetration tester is performing a wireless penetration test. Which of the following are some vulnerabilities that might allow the penetration tester to easily and quickly access a WPA2-protected access point?

Answer options

• A. Deauthentication attacks against an access point can allow an opportunity to capture the four-way handshake, which can be used to obtain and crack the encrypted password.
• B. Injection of customized ARP packets can generate many initialization vectors quickly, making it faster to crack the password, which can then be used to connect to the WPA2-protected access point.
• C. Weak implementations of the WEP can allow pin numbers to be guessed quickly, which can then be used to retrieve the password, which can then be used to connect to the WEP-protected access point.
• D. Rainbow tables contain all possible password combinations, which can be used to perform a brute-force password attack to retrieve the password, which can then be used to connect to the WPA2-protected access point.

Correct answer: C

Explanation

The correct answer is C because weak implementations of WEP can allow for rapid guessing of pin numbers, leading to password retrieval for WEP networks. Options A and B are related to WPA2 vulnerabilities but do not specifically address WEP, and option D discusses rainbow tables, which are not directly applicable to accessing WPA2 networks.