
Exam 312-50v13 topic 1 question 213 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 213
Topic #: 1

As the chief security officer at SecureMobile, you are overseeing the development of a mobile banking application. You are aware of the potential risks of man-in-the-middle (MitM) attacks where an attacker might intercept communication between the app and the bank's servers. Recently, you have learned about a technique used by attackers where they use rogue Wi-Fi hotspots to conduct MitM attacks. To prevent this type of attack, you plan to implement a security feature in the mobile app. What should this feature accomplish?

  • A. It should require two-factor authentication for user logins.
  • B. It should prevent the app from communicating over a network if it detects a rogue access point.
  • C. It should prevent the app from connecting to any unencrypted Wi-Fi networks.
  • D. It should require users to change their password every 30 days.
Suggested Answer: B

Comments

NikoTomas
2 weeks, 2 days ago
Selected Answer: A
Answer: A (?) The app can’t detect whether the device is connected to a rogue AP or not. The AP looks legitimate and the app can’t recognize it. So B) is not correct. As I googled and ChatGPTed, an Android app can programmatically detect/infer WiFi network properties like encryption, but Apple iOS does NOT – so option C) “allow only connection to encrypted WiFi” is questionable. Here we can suppose that the banking app is using TLS, which is encrypted end-to-end. Sometimes users use public APs with Open Authentication and the bank probably doesn’t want to limit users in doing it (am I right? is any bank doing that?) – the app traffic is secured by TLS. Even if the victim connects to the rogue AP, the attacker can’t easily intercept the TLS connection – if he/she proxies it via their own server, its certificate for the domain does not match... the same is true when spoofing DNS replies to redirect the victim to the attacker’s fake server, which, again, doesn’t have a certificate for the bank domain signed by a trusted CA. Continuation below...
upvoted 1 times
NikoTomas
2 weeks, 2 days ago
...continuation: Anyway, if the attacker somehow overcomes these difficulties (for ex. tricks the victim into trusting a fake server certificate) and gains access to the victim’s transmitted data (for ex. login credentials) on the rogue WiFi network, then 2FA can prevent connection to the legitimate user account as the attacker doesn’t have access to the second MFA channel (authenticator app / SMS / HW token...). Of course, some types of MFA (if not implemented properly) can also be proxied and captured using Evilginx2. But it is rare today. So I would opt for A) - implement 2FA and let the user connect to any network (even open) as banking app traffic should be natively encrypted (TLS) – taking C) “allow only connection to encrypted WiFi” as incorrect. But actually, I’m not sure what they want to hear in this question. They are asking for a feature to prevent MitM attacks. Is it just the straightforward “mandatory use of encryption” C) or do they want 2FA - A)?
upvoted 1 times
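The post above argues that a rogue hotspot cannot easily proxy the app's TLS session because the proxy's certificate will not match the bank's domain or chain to a trusted CA. That holds only if the app actually enforces certificate validation. The following is an added example (not code from NikoTomas, ECCouncil, or any bank app) using Python's standard `ssl` module: a client context that enforces hostname matching, a trusted CA chain and TLS 1.2+, beside the "disable validation to make the errors go away" variant that would let a rogue hotspot terminate TLS itself, plus a small audit function a reviewer can run against any context. The host name is a placeholder, not from the question.

```python
import socket
import ssl
from typing import List

# Placeholder bank API host for illustration only (not from the original question).
BANK_HOST = "api.securemobile.example"


def make_hardened_context() -> ssl.SSLContext:
    """Client context that rejects any server whose certificate does not chain to a
    trusted CA AND match the requested hostname. A rogue hotspot that proxies the
    connection presents a certificate for a different name (or an untrusted one),
    so the handshake fails before credentials ever leave the app."""
    # create_default_context() loads the platform trust store and sets
    # verify_mode=CERT_REQUIRED and check_hostname=True for server authentication.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse downgrade to TLS 1.0/1.1
    return ctx


def make_weak_context() -> ssl.SSLContext:
    """The misconfiguration that appears in apps which 'fix' certificate errors by
    turning validation off. Any hotspot on the path can now present its own
    certificate and read or modify the traffic."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE  # accept any certificate, signed by anyone
    return ctx


def audit_tls_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a list of findings; an empty list means the context resists a
    certificate-substituting man-in-the-middle."""
    findings = []
    if not ctx.check_hostname:
        findings.append("hostname verification disabled")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not required/verified")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS < 1.2 allowed")
    return findings


def open_bank_connection(host: str, ctx: ssl.SSLContext, port: int = 443) -> ssl.SSLSocket:
    """Wrap a TCP socket with the given context. server_hostname is what the
    hostname check compares the certificate against; with the hardened context
    a mismatch raises ssl.SSLCertVerificationError. (Not called by the audit;
    it needs network access.)"""
    raw = socket.create_connection((host, port), timeout=10)
    return ctx.wrap_socket(raw, server_hostname=host)


if __name__ == "__main__":
    # Offline demonstration: the audit alone shows the difference.
    print("hardened:", audit_tls_context(make_hardened_context()) or "no findings")
    print("weak:", audit_tls_context(make_weak_context()))
```

The audit checks the three settings that matter for the rogue-hotspot case: `check_hostname`, `verify_mode`, and the minimum protocol version. Mobile platforms expose the same knobs under different names (network security configuration on Android, ATS on iOS), so the same three questions apply when reviewing a real banking app's networking layer.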
Community vote distribution: A (35%), C (25%), B (20%), Other