Exam PT1-002 topic 1 question 18 discussion

Trick question here and pay attention to the wording. COmpTIA goes over both Wifite and Kismet: "Wifite2 is a wireless auditing tool you can use to assess the WLAN. " "Kismet is included in Kali Linux and has many different functions. In addition to capturing packets, it can also act as a wireless intrusion detection system." Since aircrack is also bundled into Wifite, wireshark is out of question, and Kismet is also an IDS and we need to TEST the solution, the correct answer is A.

Only Kismet is the right solution.

The answer is Aircrack-ng. The Key word here is "test" the effectiveness of the IDS. Aircrack-ng is able to test IDS using its attacking capabilites.

Kismet’s data collector doesn’t probe networks like other packet sniffers, so intrusion detection systems can’t spot its activities. This makes it a powerful tool for hackers who have access to a computer that is connected to the network. Standard network monitoring systems will spot the presence of the device on which Kismet is running, but won’t see that the program is gathering data packets on the network.

For me the answer is D, A Aircrack-ng is a tool commonly used for wireless network security, including penetration testing and cracking wireless networks. However, it is not specifically designed for configuring intrusion detection over wireless networks D In this scenario, the best tool for configuring intrusion detection over wireless networks would be Kismet. Kismet is a wireless network detector, sniffer, and intrusion detection system designed for wireless network security monitoring.

A.. That's correct.

Wifite is a tool to audit WEP or WPA encrypted wireless networks. It uses aircrack-ng, pyrit, reaver, tshark tools to perform the audit. This tool is customizable to be automated with only a few arguments and can be trusted to run without supervision.

Definitely Kismet

Kismet is the right answer, Air-crack is great as an attacking tool

That's correct.