The security team at a company has received reports from employees that the Wi-Fi disconnects intermittently. The team changes the WPA2 passkey and gives it to employees. However, rogue devices are detected on the Wi-Fi network within less than an hour of the passkey change. A security team performs a walkthrough of the office and is unable to find the rogue devices. Which of the following is the most likely root cause of the breach?

Brute force attacks involve systematically trying all possible password combinations until the correct one is found. However, such attacks typically require time and are less likely to succeed within a short window after a passkey change, especially if the new passkey is complex. Since rogue devices appeared almost immediately, this method is less plausible.

While a Trojan virus could potentially allow unauthorized access to a network, it typically requires some form of user interaction to be installed. If the security team changed the passkey and rogue devices appeared shortly after, it is unlikely that a Trojan was the initial cause of the breach, especially if no users reported unusual behavior prior to the Wi-Fi issues.

A replay attack involves intercepting and retransmitting valid data packets to gain unauthorized access. Although this could occur, the immediate detection of rogue devices after a passkey change suggests that the breach likely came from a more direct method of credential capture, such as through a keylogger, rather than simply replaying old credentials.