A security analyst captures a large number of unique initialization vectors (IVs) from a wireless network using airodump-ng. Which attack are they MOST likely preparing to execute?
- A. WPS PIN brute-force attack
  Why wrong: WPS attacks target the PIN authentication mechanism, not IVs.
- B. Evil twin AP deployment
  Why wrong: An evil twin attack involves setting up a rogue AP with the same SSID, unrelated to IV collection.
- C. WEP key recovery using aircrack-ng
  Correct. WEP cracking relies on collecting many unique IVs to exploit statistical weaknesses in the RC4 algorithm.
- D. WPA handshake capture
  Why wrong: WPA cracking requires capturing the 4-way handshake, not a large number of unique IVs.