Wireless Network Security Best Practices: Mitigating Man-in-the-Middle Attacks

Preventing Man-in-the-Middle Attacks on Wireless Networks

Question

A security analyst recently discovered two unauthorized hosts on the campus's wireless network segment from a man-in-the-middle attack.

The security analyst also verified that privileges were not escalated, and the two devices did not gain access to other network devices.

Which of the following would BEST mitigate and improve the security posture of the wireless network for this type of attack?

Answers

Explanations


A. B. C. D.

B.

The scenario described in the question involves a man-in-the-middle (MITM) attack on the wireless network segment, which indicates that an attacker is intercepting communication between two devices to steal sensitive information or modify data without being detected. The security analyst has discovered two unauthorized hosts on the network, but there is no indication that the attackers have escalated privileges or gained access to other network devices.

To mitigate and improve the security posture of the wireless network for this type of attack, the BEST option is to implement MAC filtering on the wireless router and create a whitelist that allows only authorized devices on the network. This would prevent unauthorized devices from connecting to the network, even if they have the correct password or passphrase.

Option A, which suggests enabling MAC filtering and recommending stronger encryption for the wireless network, is partially correct, but it does not address the issue of unauthorized hosts on the network. Stronger encryption can prevent attackers from eavesdropping on network traffic, but it does not prevent them from connecting to the network if they have the correct credentials.

Option B, which suggests changing the SSID, strengthening the passcode, and implementing MAC filtering on the wireless router, is also partially correct. Changing the SSID and strengthening the password can make it more difficult for attackers to guess the network credentials. However, it does not address the issue of unauthorized hosts on the network.

Option D, which suggests conducting a wireless survey to determine if the wireless strength needs to be reduced, is not relevant to the scenario described in the question. A wireless survey would be useful to determine the coverage and strength of the wireless signal, but it does not address the issue of unauthorized hosts on the network.

Therefore, the BEST option to mitigate and improve the security posture of the wireless network for this type of attack is to enable MAC filtering on the wireless router and create a whitelist that allows only authorized devices on the network.
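
The following is an added example, not part of the original page: an audit of access-point association records against the MAC whitelist the explanation recommends, reporting every station that is not on it. The log format, AP names and all addresses are constructed for illustration; the script also marks addresses with the locally administered bit set, which randomized client MACs use and which a static whitelist cannot match reliably.

```python
import re

# Constructed allowlist of authorized client MACs, in the mixed notations
# that inventories tend to contain (assumption: not from the original page).
ALLOWLIST = ["00:1A:2B:3C:4D:5E", "00-1a-2b-3c-4d-5f", "001a.2b3c.4d60"]

# Constructed association log lines in an assumed "time ap=... sta=... event=..." format.
SAMPLE_LOG = """\
2024-05-01T09:00:01 ap=lib-ap1 sta=00:1a:2b:3c:4d:5e event=assoc
2024-05-01T09:00:07 ap=lib-ap1 sta=00-1A-2B-3C-4D-5F event=assoc
2024-05-01T09:01:12 ap=lib-ap2 sta=3c:22:fb:10:20:30 event=assoc
2024-05-01T09:01:40 ap=lib-ap2 sta=da:a1:19:00:00:01 event=assoc
2024-05-01T09:02:03 ap=lib-ap2 sta=not-a-mac event=assoc
"""

def normalize_mac(text):
    """Return the MAC as 12 lowercase hex digits, or None if it is not a MAC."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def is_locally_administered(mac):
    """True when the U/L bit of the first octet is set (typical of randomized MACs)."""
    return bool(int(mac[:2], 16) & 0x02)

def audit(log_text, allowlist):
    """Return (unauthorized, unparsed): stations not on the allowlist, and bad lines."""
    allowed = {normalize_mac(m) for m in allowlist} - {None}
    unauthorized, unparsed = {}, []
    for line in log_text.splitlines():
        m = re.search(r"\bap=(\S+)\s+sta=(\S+)\s+event=assoc\b", line)
        mac = normalize_mac(m.group(2)) if m else None
        if mac is None:
            unparsed.append(line)  # keep malformed records for manual review
        elif mac not in allowed:
            entry = unauthorized.setdefault(
                mac, {"aps": set(), "randomized": is_locally_administered(mac)})
            entry["aps"].add(m.group(1))
    return unauthorized, unparsed

if __name__ == "__main__":
    found, bad = audit(SAMPLE_LOG, ALLOWLIST)
    for mac, info in sorted(found.items()):
        print(mac, sorted(info["aps"]), "randomized" if info["randomized"] else "")
    print("unparsed lines:", len(bad))
```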