AP Cybersecurity Unit 1 Lesson 3 Exercise 1

AP Cybersecurity — Unit 1, Topic 1.3

Exercise 1: Public Wi-Fi Risk Classification Lab

Classify wireless attack types, identify adversary skill levels, and recommend defenses for real-world public Wi-Fi scenarios. These are the three skills most tested for Topic 1.3.

Skills 1.A, 1.B, 2.B • ~30–40 min • 3 Parts • 24 pts
Part 1
Attack Classification (12 pts)

Four wireless network incidents have been reported to the security team. For each one, identify the attack type, the adversary skill level, and what was compromised.

Incident A

A student at Maple Street High School connects to a Wi-Fi network called “MapleHS_Guest” at the school library. The school’s real network is called “Maple-Guest.” After 20 minutes, the student is locked out of their school Google account. The network the student connected to was broadcasting from a laptop in a backpack near the library entrance.

Attack type:

Adversary skill level:

Incident B

During a citywide event, first responders are unable to communicate over their emergency radio network. All wireless devices in a 200-meter radius are unable to connect to any network. The disruption lasts 45 minutes. No credentials or data are reported stolen.

Attack type:

What was the primary impact of this attack?

Incident C

A security researcher drives slowly through a downtown business district using a wireless scanning tool. The tool records SSIDs, encryption types, signal strengths, and GPS coordinates of 47 wireless networks. The researcher does not connect to any network or steal any data. They use this information to identify three businesses whose wireless signals extend to the sidewalk with no password protection.

Attack type:

This attack is best described as:

Incident D

A hotel guest connects to “HiltonSuite_Free” in the hotel lobby. The real hotel network is “HiltonSuite_Guest.” The guest logs into their banking app. An hour later they notice $3,200 was transferred out of their account. The adversary’s MITM position allowed them to see the guest’s unencrypted banking credentials.

Which technical condition allowed the adversary to capture banking credentials?

What single control, if in place, would have protected the guest EVEN after connecting to the evil twin? (2 pts)

Part 2
Summit Wi-Fi Analysis (6 pts)

Vantex Financial Group sends employees to a three-day financial summit. Their security team issues guidelines for using hotel and conference Wi-Fi. Answer the questions using the network scenarios provided.

Available Networks at Summit Venue

● GrandHotel_Guest (Open, no password)

● FinanceSummit2026 (Open, no password)

● GrandHotel_Conference (WPA2, password provided at check-in)

● Vantex_Secure (WPA3, Vantex IT-issued credentials)

● xfinitywifi (Public Comcast mobile hotspot)

1. Which network is MOST likely to be an evil twin? (2 pts)

2. An employee must access Vantex’s internal systems. Which network + additional control is the correct approach? (2 pts)

3. An employee sees their device automatically connected to ‘GrandHotel_Guest’ before they opened their laptop. What attack risk does this behavior create, and what setting prevents it? (2 pts)

Part 3
Clinic Wi-Fi Configuration (6 pts)

Maple Street Veterinary Clinic wants to offer free guest Wi-Fi for clients in the waiting room. The office manager asks you to recommend a secure configuration. Answer the three questions to build the recommendation.

1. The clinic is considering using the SSID ‘MapleStreetVet_Free.’ An adversary could broadcast a competing SSID. List TWO SSID design choices that reduce the risk of clients connecting to an evil twin. (2 pts)

2. The office manager wants to use the same password for both the staff network and the guest network to simplify management. Why is this a security risk, and what is the correct solution? (2 pts)

3. Even with a properly separated guest network, what should the clinic remind clients to do on their own devices before connecting? (2 pts)

✎ AP Exam Tip

AP exam wireless questions always give you a scenario and ask: (1) which attack type matches (evil twin vs. jamming vs. war driving), (2) which protection would have prevented it (VPN is almost always the answer for data theft; network segmentation for insider/guest threats), and (3) whether the adversary is low-skilled or high-skilled. Know all three cold: evil twin = credential theft + VPN defense; jamming = DoS + no data theft; war driving = reconnaissance only + no active attack yet.
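
Added example, not part of the original worksheet: a defender-side check that flags look-alike SSIDs such as the ones in Incidents A and D by comparing observed network names against an allow-list of real ones. The expected security types, the 0.7 similarity threshold, the function names and the scan data are assumptions constructed for illustration; the check also goes one step beyond the incidents by flagging a known SSID that is advertised with unexpected security.

```python
import re
from difflib import SequenceMatcher

# Allow-list: real SSID -> expected security. The SSIDs are the "real"
# network names from Incidents A and D; the security values are assumed.
KNOWN = {"Maple-Guest": "WPA2", "HiltonSuite_Guest": "WPA2"}

def normalize(ssid):
    """Lower-case and drop separators so '-' vs '_' tricks do not hide a match."""
    return re.sub(r"[^a-z0-9]", "", ssid.lower())

def classify(ssid, security, known=KNOWN, threshold=0.7):
    """Return (verdict, matched_real_ssid) for one observed network."""
    if ssid in known:
        # Same name but different security than the real network advertises.
        if security != known[ssid]:
            return ("security-mismatch", ssid)
        return ("known", ssid)
    best, score = None, 0.0
    for real in known:
        ratio = SequenceMatcher(None, normalize(ssid), normalize(real)).ratio()
        if ratio > score:
            best, score = real, ratio
    # Close to a real name without being equal to it: possible evil twin.
    if score >= threshold:  # threshold is an assumed tuning value
        return ("lookalike", best)
    return ("unrelated", None)

def triage(scan):
    """Keep only the networks a defender should investigate."""
    flagged = []
    for ssid, security in scan:
        verdict, match = classify(ssid, security)
        if verdict in ("lookalike", "security-mismatch"):
            flagged.append((ssid, verdict, match))
    return flagged

# Constructed scan results (SSID, advertised security), not real captures.
SCAN = [
    ("Maple-Guest", "WPA2"),
    ("MapleHS_Guest", "Open"),
    ("HiltonSuite_Free", "Open"),
    ("HiltonSuite_Guest", "Open"),
    ("CoffeeShop_WiFi", "Open"),
]

if __name__ == "__main__":
    for row in triage(SCAN):
        print(row)
```

Name similarity only raises a flag for follow-up; a legitimate network with a similar name would be flagged too, so the threshold needs tuning against the site's own SSIDs.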
