CompTIA PenTest+ (PT0-002) — Question 341

A penetration tester gained access to a customer’s internal corporate network via a wireless guest network. The penetration tester’s laptop was blocked by a NAC system after several Nmap scans. Which of the following techniques would be the most effective in evading the organization’s NAC system?

Answer options

• A. Using only UDP scans
• B. MAC address spoofing
• C. Using only ICMP scans
• D. User-agent spoofing

Correct answer: B

Explanation

MAC address spoofing is effective as it allows the tester to change the device's MAC address to bypass the NAC system's restrictions. The other options are less effective because they do not address the NAC system's detection mechanisms directly, and simply altering the type of scan may still trigger the NAC's security protocols.