Certified Ethical Hacker (CEH v12) — Question 183

As the lead security engineer for a retail corporation, you are assessing the security of the wireless networks in the company's stores. One of your main concerns is the potential for "Wardriving" attacks, where attackers drive around with a Wi-Fi-enabled device to discover vulnerable wireless networks. Given the nature of the retail stores, you need to ensure that any security measures you implement do not interfere with customer experience, such as their ability to access in-store Wi-Fi. Taking into consideration these factors, which of the following would be the most suitable measure to mitigate the risk of Wardriving attacks?

Answer options

• A. Limit the range of the store's wireless signals
• B. Implement MAC address filtering
• C. Disable SSID broadcasting
• D. Implement WPA3 encryption for the store's Wi-Fi network

Correct answer: D

Explanation

Implementing WPA3 encryption is the most effective way to secure the store's Wi-Fi network against Wardriving attacks, as it provides enhanced security features that are resistant to unauthorized access. Limiting the range of wireless signals may not fully prevent attacks, while MAC address filtering can be bypassed by determined attackers. Disabling SSID broadcasting can hide the network but does not provide true security against potential threats.