Exam PT0-002 topic 1 question 55 discussion

A. Send deauthentication frames to the stations. After deploying a malicious wireless AP that mimics the configuration of the target enterprise WiFi, the next step for the tester should be to try to force nearby wireless stations to connect to the malicious AP. One way to accomplish this is by sending deauthentication frames to the stations. These frames will disconnect the stations from their current connection and make them available to connect to the malicious AP. This is a type of wireless man-in-the-middle (MITM) attack that can allow the tester to capture and analyze the wireless traffic of the connected stations. B. Perform jamming on all 2.4GHz and 5GHz channels. is not a good option as it can cause legal and ethical issues and would be illegal in many countries, it also can cause a disruption to the legitimate wireless network. C. Set the malicious AP to broadcast within dynamic frequency selection channels. is not a good option as it's not a way to force nearby wireless stations to connect to the malicious AP. D. Modify the malicious AP configuration to not use a preshared key. is not a good option as it may make the malicious AP more easily detectable and less effective in capturing wireless traffic.

Answer is A

sending deauthentication frames is a focused and commonly used technique in such testing scenarios to encourage client devices to disconnect from their current network and potentially connect to a rogue AP.

To force nearby wireless stations to connect to the malicious AP, the penetration tester should: A. Send deauthentication frames to the stations. Sending deauthentication frames to the nearby wireless stations will disrupt their current connections and may prompt them to reconnect. Since the malicious AP mimics the configuration of the target enterprise WiFi, the stations might automatically connect to it, thinking it's a legitimate access point. This technique can be used to capture information or perform other security assessments on the connected stations.

Next step should be de-authentication.

A. Send deauthentication frames to the stations. This option would facilitate the disconnection from the legitimate network and potentially force the devices to connect to the malicious AP, especially if they were previously connected to an AP with the same SSID and security settings as the malicious one.

The next step the tester should take is A. Send deauthentication frames to the stations. By sending deauthentication frames, or "deauths", the tester can force the wireless stations to disconnect from their current AP and look for a new one. If the malicious AP is configured correctly, the wireless stations should then be able to connect to it.

aaaaaaaaaaaaa

I think A

Has to be A. Jamming the signal would cause a DDos and other frequencies could possibly interfere with other WAPs in the area that don't belong to the customer. Straight out of the book.

Why not A? Deauth?