CompTIA Security+ (SY0-601) — Question 104
A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng, the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access points. Which of the following attacks is happening on the corporate network?
Answer options
- A. On-path
- B. Evil twin
- C. Jamming
- D. Rogue access point
- E. Disassociation
Correct answer: B
Explanation
The correct answer is 'Evil twin' because the other access points are mimicking the legitimate access point's ESSID and BSSID, indicating an attempt to deceive users into connecting to a malicious network. 'On-path' refers to interception without impersonation, 'Jamming' disrupts communication, 'Rogue access point' is a legitimate device added without authorization, and 'Disassociation' involves disconnecting users from a network.