Certified Ethical Hacker (CEH v13) — Question 61

You are a cybersecurity consultant for a major airport that offers free Wi-Fi to travelers. The management is concerned about the possibility of "Evil Twin" attacks, where a malicious actor sets up a rogue access point that mimics the legitimate one. They are looking for a solution that would not significantly impact the user experience or require travelers to install additional software. What is the most effective security measure you could recommend that fits these constraints, considering the airport's unique operational environment?

Answer options

• A. Regularly change the SSID of the airport's Wi-Fi network
• B. Use MAC address filtering on the airport's Wi-Fi network
• C. Implement WPA3 encryption for the airport's Wi-Fi network
• D. Display a captive portal page that warns users about the possibility of Evil Twin attacks

Correct answer: C

Explanation

Implementing WPA3 encryption is the most effective security measure as it provides enhanced protection against various attacks, including Evil Twin scenarios, without requiring user interaction or software installation. The other options, while helpful, do not offer the same level of security or ease of use; for example, changing the SSID regularly may confuse users, and MAC address filtering can be cumbersome and ineffective against spoofing.