Certified Ethical Hacker (CEH v11) — Question 388

An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only
WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages.
What is the attack performed in the above scenario?

Answer options

• A. Cache-based attack
• B. Timing-based attack
• C. Downgrade security attack
• D. Side-channel attack

Correct answer: C

Explanation

The correct answer is C, as the attacker is forcing the victim's device to use a less secure version of the encryption protocol (WPA2) instead of the more secure option (WPA3). This is characteristic of a downgrade security attack, where a user is tricked into using weaker security measures. The other options, such as cache-based and timing-based attacks, do not apply to this scenario as they involve different techniques not related to protocol downgrading.