CompTIA PenTest+ (PT0-003) — Question 46

A penetration tester needs to exploit a vulnerability in a wireless network that has weak encryption in order to perform traffic analysis and decrypt sensitive information. Which of the following techniques would best allow the penetration tester to have access to the sensitive information?

Answer options

• A. Bluejacking
• B. SSID spoofing
• C. Packet sniffing
• D. ARP poisoning

Correct answer: C

Explanation

The correct answer is C, Packet sniffing, as it allows the tester to capture and analyze network traffic, enabling the decryption of sensitive information. The other options, such as Bluejacking and SSID spoofing, do not provide the capability to analyze traffic, while ARP poisoning mainly targets local network communications and would not directly facilitate decryption of encrypted wireless traffic.