Computer Hacking Forensic Investigator (CHFI) Practice Exam

The correct answer focuses on the concept of client mis-association, which refers to a scenario where a client device mistakenly connects to a rogue access point instead of the legitimate one. This type of attack relies on the attacker setting up a rogue access point that mimics a legitimate network, allowing the attacker to intercept data or conduct further attacks.

In the case of client mis-association, the attacker may utilize various techniques, such as broadcasting a stronger signal or using the same SSID as the trusted network, to lure the client device into connecting to their rogue access point. Once the client is associated with the rogue access point, the attacker can capture sensitive information, monitor network traffic, or inject malicious data into the communication stream.

This scenario differs significantly from the other options. War driving involves physically driving around to find and map wireless networks but does not necessarily involve setting up a rogue access point. Rogue access points is a term that describes unauthorized access points in general, but it does not specifically address the mechanism of clients being tricked into connecting. MAC spoofing relates to altering the MAC address of a device to impersonate another device on the network, but it doesn't inherently involve the manipulation of access point connections.

Overall, client mis-association accurately describes the technique