CompTIA PenTest+ (PT0-002) — Question 407

A penetration tester has been contracted to review wireless security. The tester has deployed a malicious wireless AP that mimics the configuration of the target enterprise WiFi. The penetration tester now wants to try to force nearby wireless stations to connect to the malicious AP.
Which of the following steps should the tester take NEXT?

Answer options

• A. Send deauthentication frames to the stations.
• B. Perform jamming on all 2.4GHz and 5GHz channels.
• C. Set the malicious AP to broadcast within dynamic frequency selection channels.
• D. Modify the malicious AP configuration to not use a preshared key.

Correct answer: A

Explanation

The correct action is to send deauthentication frames to the stations, which forces them to disconnect from their legitimate AP and reconnect to the malicious one. Jamming all channels (option B) is indiscriminate and less effective for this specific purpose. Broadcasting in dynamic frequency selection channels (option C) does not directly influence connections, and modifying the configuration to avoid a preshared key (option D) may not compel clients to connect, especially if they expect a secure connection.