Your companys wireless network was recently compromised by a - CompTIA-N10-009
Question
Your company’s wireless network was recently compromised by an attacker who utilized a brute force attack against the network’s PIN (Personal Identification Number) to gain access. Once connected to the network, the attacker modified the DNS (Domain Name System) settings on the router and spread additional malware across the entire network.
Which TWO of the following configurations were most likely used to allow the attack to occur?
Answers
-
correct
-
correct
-
-
-
-
Explanation
Correct Answers:
A. WPS enabled
B. Default administrative login credentials
-
A. WPS (Wi-Fi Protected Setup) enabled:
- WPS allows users to connect to a wireless network using a PIN or a physical button. The PIN-based method is vulnerable to brute-force attacks due to its weak PIN mechanism (an 8-digit PIN is effectively two sets of 4-digit PINs, making it easy to crack).
- In this scenario, the attacker exploited WPS to gain unauthorized access to the wireless network.
-
B. Default administrative login credentials:
- After accessing the network, the attacker modified the DNS settings on the router. This indicates that the attacker likely used default administrative login credentials (e.g.,
admin:adminoradmin:password) to gain control of the router. - Default credentials are widely known and easily exploitable if not changed.
- After accessing the network, the attacker modified the DNS settings on the router. This indicates that the attacker likely used default administrative login credentials (e.g.,
Why the Other Options Are Incorrect:
-
Router with outdated firmware:
- While outdated firmware could introduce vulnerabilities, the scenario specifically points to a brute-force attack on WPS and the modification of router settings using default credentials. There is no indication that firmware vulnerabilities were exploited here.
-
WPA2 (Wi-Fi Protected Access version 2) encryption enabled:
- WPA2 is a secure encryption standard when implemented properly (e.g., with a strong password). The issue in this case was not with WPA2 encryption but with the misuse of WPS, which bypasses the need for a strong WPA2 passphrase.
-
TKIP (Temporal Key Integrity Protocol) encryption protocols:
- TKIP is an older encryption protocol and less secure than AES, but it is unrelated to the attack described. The attacker exploited WPS and weak router credentials, not encryption protocols.
-
Guest network enabled:
- Guest networks are isolated by design and typically cannot access internal resources. The attack described targeted the main network via WPS and router admin credentials, not a guest network.
No Payment Cards Needed
