Certified Ethical Hacker (CEH v13) — Question 223
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages.
What is the attack performed in the above scenario?
Answer options
- A. Cache-based attack
- B. Timing-based attack
- C. Downgrade security attack
- D. Side-channel attack
Correct answer: C
Explanation
The attack described is a downgrade security attack, as the attacker forces the victim to use a less secure encryption method (WPA2) instead of the more secure one (WPA3). The other options are incorrect because a cache-based attack involves exploiting cached data, a timing-based attack relies on measuring response times to gain information, and a side-channel attack uses information leaked during the encryption process, none of which apply to this scenario.