A network team is investigating failures to onboard users to a Wi-Fi network. The investigation shows that the access point accepts connections for a short time after a restart. The security administration inspecting the connections has logs that show a large increase in suspicious connections to the access point. Repeating the device with a higher capacity access point does not resolve the issue. Which of the following attacks is most likely occurring?

Rationale

DoS attacks are likely occurring due to the suspicious connections overwhelming the access point.

The scenario describes an access point that accepts connections for a limited time after a restart but is then overwhelmed by a surge of suspicious connections. This behavior is characteristic of a Denial of Service (DoS) attack, where an attacker floods a network resource with traffic, rendering it unable to serve legitimate users.

A (On-path) YOUR ANSWER

On-path attacks involve intercepting communications between two parties, allowing an attacker to eavesdrop or manipulate the data. While this could be a concern in Wi-Fi networks, the symptoms described—an access point being overwhelmed by numerous suspicious connections—are not indicative of this attack type.

B (DNS spoofing) YOUR ANSWER

DNS spoofing refers to the manipulation of DNS queries to redirect users to malicious sites. Although it can affect user experience, it does not explain the access point's inability to handle connections after a restart or the sudden influx of suspicious connection attempts.

C (Evil twin) YOUR ANSWER

An evil twin attack involves an attacker setting up a rogue access point that mimics a legitimate one, tricking users into connecting. However, the scenario suggests that the access point itself is overwhelmed by connections, not that users are being deceived into connecting to a malicious network.

D (DoS) CORRECT

Denial of Service attacks aim to disrupt normal functioning by flooding a target with excessive requests. In this case, the logs show a significant increase in suspicious connections, suggesting that the access point is being targeted by an overwhelming number of connection attempts, which is typical behavior for a DoS attack.

Conclusion

The investigation into the Wi-Fi network failure points to a Denial of Service (DoS) attack, as evidenced by the access point's capacity to accept a limited number of connections before being overwhelmed by suspicious traffic. This aligns with the symptoms observed, distinguishing it from other types of attacks such as on-path, DNS spoofing, or evil twin scenarios, which do not explain the observed behavior of the network.

DoS attacks are likely occurring due to the suspicious connections overwhelming the access point.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test