Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
WiFi phishing uses the 'evil twin' scenario to de-authorize users from a real AP, allows them to attach to the fake AP, where the attacker can easily glean their password from the WPA credentials. Also known as AP phishing or Honeypot AP.
True
False
AFAIK this only works on WEP, where clients can and often send credentials even if not required or requested by the AP. WPA and WPA2 have mutual authentication. Without doing a fake portal page (and knowing the existing AP password so the client connects seamlessly again), you're way better off just capturing the handshake and cracking offline. SS The current explanation states this only works with WEP, the question references WPA making the answer false or re-word the question.
Would someone review the article, "WiGiPhisher - Automated Phishing Attacks Against Wi-Fi Networks," on http://thehackernews.com/2015/01/wifiphisher-automated-phishing-attacks_5.html. In the light of this article, the answer should be true.
Edit : answer must be false because WPA requires mutual authentication as explained in the text above. The HTML states that DoS is required and "WifiPhisher tool will serve the victim a realistic fake router configuration-looking page that will ask for WPA password confirmation due to a router firmware upgrade." which is social engineering.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.