ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v13 All Questions

View all questions & answers for the 312-50v13 exam
Go to Exam

Exam 312-50v13 topic 1 question 144 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 144
Topic #: 1
[All 312-50v13 Questions]

You are a cybersecurity consultant for a major airport that offers free Wi-Fi to travelers. The management is concerned about the possibility of "Evil Twin" attacks, where a malicious actor sets up a rogue access point that mimics the legitimate one. They are looking for a solution that would not significantly impact the user experience or require travelers to install additional software. What is the most effective security measure you could recommend that fits these constraints, considering the airport's unique operational environment?

  • A. Regularly change the SSID of the airport's Wi-Fi network
  • B. Use MAC address filtering on the airport's Wi-Fi network
  • C. Implement WPA3 encryption for the airport's Wi-Fi network
  • D. Display a captive portal page that warns users about the possibility of Evil Twin attacks
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by HazalAlenazi at Feb. 6, 2025, 2:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
NikoTomas
1 month ago
Selected Answer: C
Answer: C 1️ Enable WPA3 with Protected Management Frames (PMF) • Evil Twin attacks often rely on deauth attacks to disconnect users from the real AP and force them to connect to the rogue AP. • Ensures that deauthentication and disassociation frames are cryptographically signed, making them harder to spoof. Another possible solution (but this requires client SW / supplicant - not suitable for airport): 2 Use 802.1X Authentication with RADIUS (WPA2/WPA3-Enterprise) • Deploy 802.1X authentication with a RADIUS server. • Ensure clients validate the RADIUS server certificate. • The Evil Twin AP won’t have a valid RADIUS certificate. • Proper certificate validation prevents users from entering credentials into a fake AP.
upvoted 1 times
NikoTomas
1 month ago
Incorrect answers: A) Changing SSID - makes no sense, attacker just installs rougue AP with the same SSID as your current (changed) SSID B) MAC address filtering - this could be prevention against rougue AP as MAC addresses are statically set but this is not applicable to airport and AP BSSID can be also spoofed, so not correct solution. D) Captive portal to inform users... very weak solution, there is no prevention mechanism against deauthentication attacks as with WPA3 PMF, just informing users... but they don't even notice when they become connected to rogue AP (without any captive portal).
upvoted 1 times
...
...
Gibsomd
1 month ago
Selected Answer: D
An Evil Twin attack occurs when an attacker sets up a rogue access point (AP) that mimics a legitimate Wi-Fi network, tricking users into connecting to it. Once connected, the attacker can intercept sensitive information such as passwords and financial data.
upvoted 2 times
...
HazalAlenazi
2 months, 1 week ago
Selected Answer: C
WPA3 is the latest Wi-Fi encryption protocol, providing stronger encryption and protection against several attack vectors, including Evil Twin attacks.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago