Employees report connecting to the company's Wi-Fi but experiencing unusual redirects and connection issues. Investigation reveals the devices were connecting to a second access point with the same SSID as the corporate network. Which type of attack is occurring in this scenario?

An ICMP flood attack involves overwhelming a target device or network with ICMP echo request packets (ping requests) to exhaust resources and disrupt service. This type of attack does not relate to unusual redirects or connection issues caused by connecting to a fake access point, making it irrelevant to the scenario described.

This is the correct answer because an evil twin attack occurs when a malicious access point replicates the SSID of a legitimate network, tricking users into connecting to it. The reported connection issues and redirects experienced by employees indicate they are likely connected to this rogue network, which is designed to capture data or disrupt services.

Broken authentication refers to vulnerabilities in a system that allow attackers to exploit weak authentication mechanisms, potentially gaining unauthorized access. While this can lead to security issues, it does not explain the specific connection and redirect problems caused by an access point with a matching SSID.