Question

A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID. Which of the following should the security administrator use to assess connectivity?

1. Sniffer
2. Honeypot
3. Routing tables
4. Wireless scanner

Answer 1

In the given question , it was stated that only the users in one part of the building are unable to access the company resources when connected to the network SSID. Since this problem is exhibited at certain part of the facility , it could be problem of network signal caused by general obstacle like walls or any such.It can be analysed with the help of Wireless scanner.Since the devices are relying on wireless network, they can be checked for weak signal and no security related issue is suspected from the above scenario.

So , the answer is option D:Wireless Scanner

Explanation

Sniffer

Wireless Sniffer also called as a wireless packet analyzer which is used to intercept the packets transmitted over a wireless network .Sniffer could be either a software based tool or a device which is designed to intercept the packets and decode them into human understandable information.The sniffers are used generally for the purpose of network performance analysis and also used to identify malicious hidden networks(evil twins) or intruders that cause loss of data or damage to IT equipment.

Since 802.11 WiFi is a radio based data transmission technique,the packets will be transmitted upto a specific radius surrounding to the wireless access point The wireless sniffer will capture the packets that are put on-air by the surrounding devices and decodes them to extract information and present in a readable format like source IP address,Destination IP address ,MAC address,Underlying Protocol,Payload (Data transmitted)

Honeypot

A honey pot is a Computer or any networking end-device that was intentionally made to look like a vulnerable device on a network such that it deviates the attackers or may counteract the attacks by luring them by acting as a ‘hole’ in the IT infrastructure that gives a false impression of a weak point in the networks through which the attackers want to break into the system

Routing table

A routing table is a set of rules to determine the path of data packets that travel across multiple network nodes (Typically routers and switches) on an IP network.All IP enabled devices have routing tables .A routing table generally contains a list of destination network addresses with their corresponding subnet masks,physical interfaces connected to the device and metrics (to identify the best paths to the destination)

Wireless Scanner

Wireless Scanner or Wi-Fi Scanner is a software or hardware designed to locate and identify the nearby WiFI network signals and provide the corresponding information .The information generally collected by a wireless scanner includes Network Name(BSSID),MAC address,Signal Strength,Signal Quality,Maximum Link speed and security parameters

They are generally used to identify the signal strengths at various locations to check the signal coverage or to evaluate the allocation of channel loads to prevent bottle necks in case of large number of devices connected to an access point .Sometimes they are also used to analyse and monitor the activity of the connected clients by network administrators

Note: Sniffers are generally used by administrators if they suspect a possible attack on the network device or a computer and the problem is susceptible only for a particular IP address or a Subnet or any targeted device .The scenario given in the question is about the signal strength and coverage .