Exam PT0-002 topic 1 question 255 discussion

who is writing these questions... terrible wording

Y'all dead wrong An evil twin attack is when the attacker's SSID is the SAME as the target SSID, mimicking it and convincing users to connect (sometimes through continuous DEAUTH packets to force users into reconnecting to the malicious AP). The question states that the AP shouldn't be available because the hotel chain is not available in that area, so it's not mimicking any other SSID's because there are none in the area with the same name. Captive portal attack is used for capturing login credentials.

Can't be D as the guy is seeing an available access point to a hotel chain that is not available - this is an captive portal set up. An active twin is when a FAKE ap is being broadcasted in proximity to the real one. Just to complicate things more.. Twin Evil can be used with Captive Portal as well to trick people into loggin into a PUBLIC Wifi. Confused yet? Bloody Comptia.

D is the only one that makes sense in these trash a$$ questions.

D. Evil twin The other options don't describe the scenario provided. Data modification refers to altering data, Amplification is related to increasing the magnitude of an attack (common in DDoS attacks), and Captive portal refers to a login page to access a network, often used in legitimate public Wi-Fi systems.

The attacker creates an access point with the same name and network settings as a legitimate access point, but with a stronger signal to attract users. Once a victim connects to the rogue access point, the attacker can intercept and steal any data transmitted over the connection, including login credentials, credit card information, and other sensitive data.