Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Location Chicago IL, USA

Exam CS0-001 topic 1 question 399 discussion

Actual exam question from CompTIA's CS0-001
Question #: 399
Topic #: 1
[All CS0-001 Questions]

A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

  • A. Nikto
  • B. Aircrak-ng
  • C. Nessus
  • D. tcpdump
Show Suggested Answer Hide Answer

Suggested Answer: A

Comments

TT
Highly Voted 11 months ago
I think the answer should be B: Aircrack-ng. It's made specifically for wifi networks. I havent been able to find anything that says Nikto does this. Just that is scans ports on web servers and verify server versions. Cant find are reason it would be A. https://www.aircrack-ng.org/
upvoted 8 times
XAmbivert
8 months, 2 weeks ago
That's right. It literally says on https://www.aircrack-ng.org/ that "It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools Attacking: Replay attacks, deauthentication, fake access points and others via packet injection Testing: Checking WiFi cards and driver capabilities (capture and injection) Cracking: WEP and WPA PSK (WPA 1 and 2)"
upvoted 1 times
...
Blind_Hatred
9 months, 3 weeks ago
Agreed.
upvoted 1 times
...
...
lupinart
Highly Voted 11 months ago
I feel aircrack ng would be more appropriate in this case
upvoted 7 times
...
somsom
Most Recent 1 month, 2 weeks ago
Nikto is right
upvoted 1 times
...
Roamsie89
4 months, 4 weeks ago
The Aircrack-ng suite of utilities (aircrack-ng.org) is one of the early tools designed for wireless network security testing. Aircrack-ng is made up of a number of command-line tools. The principal tools in the suite are as follows: airmon-ng—Enable and disable monitor mode. airodump-ng—Capture 802.11 frames. Use this output to identify the MAC address of the access point (its Basic Service Set ID) and the MAC address of a victim client device. aireplay-ng—Inject frames to perform an attack to obtain the authentication credentials for an access point. This is usually performed using a deauthentication attack. Forcing the victim station to reauthenticate generates the required traffic. A deauthentication attack can also be used for DoS.
upvoted 1 times
...
ourking
6 months ago
WiFi Specific Aircrack-ng Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. In fact, Aircrack-ng is a set of tools for auditing wireless networks
upvoted 1 times
...
ITeaGuy
6 months, 2 weeks ago
Did anyone stop to think that the first part of the question is a red herring? He wants to gain access to information found on the Hotel Network... Does the Hotel have a web site? Nikto is a tool used to test web-specific vulnerabilities... SQL inj, XSS, cross script... mcvbm got it but it flew over the rest of your heads...
upvoted 1 times
...
stone21
7 months ago
Aircrack for sure, option B.
upvoted 3 times
...
B1llGat3s
8 months, 3 weeks ago
tcpdump sounds too difficult. See here https://networkengineering.stackexchange.com/questions/19802/tcpdump-and-listening-to-wifi-traffic-of-others. I would go for aircrack-ng. It is a more complete solution, being able to monitor, crack and attack.
upvoted 1 times
...
TeeTime87
9 months ago
First off this question is missing info, my thoughts: tcpdump, if your trying capture traffic to get guest credentials from people staying at the hotel, aka logging into accounts through websites or Aircrack-ng if they are trying to get the password to get authenticated access to the Hotels network. Nikto and Nessus you have 2 vulnerability scanners(nothing to do with the question)
upvoted 1 times
...
mcvbm34
9 months, 1 week ago
The answer is Nikto because in the question it say "to gain access to information found on the hotel network?" Aircrack-ng is used for password cracking.
upvoted 1 times
Blind_Hatred
9 months, 1 week ago
He wants to GAIN ACCESS. NikTo is a vulnerability scanner (and it focusses mainly on webservers). The answer is NOT NikTo, I can guarantee that.
upvoted 4 times
...
...
NoName999
9 months, 2 weeks ago
says nothing at all about wifi, therefore aircrack is not right. Think the answer is nikto
upvoted 1 times
Blind_Hatred
9 months, 2 weeks ago
802.11 IS WiFi... .
upvoted 2 times
NoName999
9 months, 2 weeks ago
ah yeah my bad. strange how every site points to nikto, but aircrack is obvious wifi cracking tool in kali. makes you think how accurate these q&a's are
upvoted 1 times
Blind_Hatred
9 months, 1 week ago
The reason why those websites all provide the same answers is very simple: They copied one another. Copied without providing any kind of information as of why that particular answer is correct. At least here, on this website, you can discuss it with other people. :)
upvoted 5 times
...
...
...
...
MonKEY69
10 months, 3 weeks ago
I think it is tcpdump! This would packet capture the info. Nikto is a web vulnerability scanner. Am I wrong?
upvoted 1 times
s3curity1
10 months, 2 weeks ago
While tcpdump can allow you to capture packets, this is pretty much useless of communication is encrypted. Aircrack-ng would be the best choice since it offers a suite of tools for wireless network monitoring and attack related tools.
upvoted 3 times
...
...

SaveCancel