AP Cybersecurity Unit 1 Lesson 3 Quiz

AP Cybersecurity — Unit 1, Topic 1.3

Topic 1.3 Quiz: The Dangers of Public Wi-Fi

5 questions. Timed. AP exam difficulty. Covers wireless attack types, adversary skill levels, and defenses. Predict before you pick.

5 Questions • 8 Minutes AP Difficulty • Timed
Time Remaining 8:00
Exam Overview: 5 questions on wireless attack types (evil twin, jamming, war driving), adversary skill classification, attack impacts, and specific defenses (VPN, wired backup, signal power reduction). Matches AP Cybersecurity exam style.
Q1 • Predict first: Predict the attack type and its risk before reading choices

A person drives through a neighborhood with a laptop running wireless network scanning software, recording the SSIDs, encryption types, and GPS locations of every Wi-Fi network detected. They do not connect to any network. Which attack type does this describe, and what is the PRIMARY risk it creates for the detected networks?

A Jamming attack — the scanning software is disrupting wireless signals in the neighborhood
B Evil twin attack — the person is setting up a rogue network while scanning
C War driving — passive wireless reconnaissance that identifies network details enabling more targeted future attacks, such as evil twin deployment against networks with detectable SSIDs
D A DoS attack — continuous scanning requests are overloading the detected networks’ access points
Q2 • Predict first: What determines adversary skill level according to the CED?

An adversary sets up a rogue WAP in a coffee shop with the SSID “CafeExpress_Free” (the real network is “CafeExpress-Guest”). The adversary intercepts the credentials of three customers who connect to the rogue network. Which of the following MOST accurately classifies this adversary’s skill level and explains why?

A High-skilled, because the adversary was able to intercept encrypted communications
B High-skilled, because the attack targeted three victims simultaneously
C Low-skilled, because the adversary relied on pre-built evil twin tools that exploit a known vulnerability (users connecting to deceptive SSIDs), and did not need to discover or exploit any undocumented (zero-day) vulnerability
D Low-skilled, because the adversary attacked a public location rather than a corporate network
Q3 • Predict first: Match the evidence to the attack type before choosing

A hospital’s emergency room wireless network is completely disabled for 2 hours during a shift change. All wireless communication devices, pagers, and monitoring systems in the ER stop functioning simultaneously. Security finds no evidence of unauthorized access to patient records or any data exfiltration. Which attack type BEST explains these observations, and what was the PRIMARY impact?

A Evil twin attack — the disruption was caused by a rogue network pulling all devices off the legitimate network
B Jamming attack — EM signal flooding caused a denial of service for all wireless devices in the area; the primary impact was denial of service (no data was stolen)
C War driving — someone mapped the hospital’s wireless networks and the discovery disrupted service
D Credential stuffing attack — automated login attempts overloaded the wireless authentication server
Q4 • Predict first: Explain exactly what a VPN does to traffic before choosing

An employee at a hotel conference connects their laptop to “ConferenceCenter_WiFi” without verifying the SSID with hotel staff. They access their company email and internal dashboard. An adversary running an evil twin intercepts their session token. The employee has a VPN client installed but did not enable it before connecting. Which of the following BEST explains what the VPN would have prevented?

A VPN would have prevented the employee from connecting to the evil twin in the first place
B VPN would have encrypted all traffic between the employee’s device and the company servers, so even with a MITM position on the evil twin, the adversary would capture only ciphertext — the session token would have been unreadable
C VPN prevents evil twin attacks by detecting rogue SSIDs before connection
D VPN would have prevented session token theft by using a stronger authentication protocol
Q5 • Predict first: Evaluate each Roman numeral independently before choosing

Which of the following correctly describes what is TRUE about all three wireless attack types covered in Topic 1.3?

I. Evil twin, jamming, and war driving attacks can all be executed using pre-built tools available online, making all three accessible to low-skilled adversaries.
II. All three attack types result in credential theft, since wireless network access inherently enables interception of user credentials.
III. VPN prevents the data theft impact of all three attack types.

A I only
B I and III only
C II and III only
D I, II, and III
AP Cybersecurity · Unit 1 · Lesson 1.3 · Quiz

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]