An SSID (service set identifier) is the public name that identifies a wireless network, like 'CoffeeShop_WiFi.' On the AP Cybersecurity exam, it's the name you must verify before connecting, since adversaries can clone it in evil twin attacks.
An SSID (service set identifier) is just the name of a Wi-Fi network. When your phone shows a list of networks to join, every name on that list is an SSID. It's broadcast openly so devices nearby can find and connect to the network.
Here's the catch the CED cares about: an SSID is only a name, and names are easy to copy. There's no rule stopping an attacker from creating their own wireless network with the exact same name as a legitimate one. That's the whole mechanism behind an evil twin attack (EK 1.3.B.1), where an adversary sets up a wireless access point with an SSID that's similar or identical to a target network. Because the names look the same, you might connect to the fake one without realizing it.
SSID lives in Unit 1: Introduction to Security, specifically topic 1.3 (Best Practices for Public Networks). It anchors two learning objectives. For AP Cybersecurity 1.3.C, EK 1.3.C.1 says you should verify that the name of any wireless network you join exactly matches the network you intend to join. That 'exactly matches' is the SSID. For AP Cybersecurity 1.3.B, the SSID is what makes the evil twin attack possible in the first place. So this one small term ties together both an attack type and a defense.
Keep studying AP Cybersecurity Unit 1
Visual cheatsheet
view galleryEvil Twin Attack (Unit 1)
An evil twin attack is what happens when someone weaponizes an SSID. The adversary copies a real network's name so victims connect to the attacker's access point by mistake. Same name, wrong owner.
WAP / Wireless Access Point (Unit 1)
A WAP is the physical device that broadcasts a wireless network, and the SSID is the name it advertises. An evil twin is really just a rogue WAP broadcasting a stolen SSID.
HTTPS and VPN (Unit 1)
Connecting to the wrong SSID lets an attacker see your traffic, but only the unencrypted parts. HTTPS and a VPN keep your data protected even on a sketchy or hostile network, which is why EK 1.3.C.3 recommends a VPN on public Wi-Fi.
SSID shows up in multiple-choice questions in two ways. First, scenario stems describe a user connecting to 'what appears to be their company's network' that's actually controlled by an attacker, and you identify it as an evil twin attack. Second, war driving questions ask what an adversary detects when they see a network name like 'CoffeeShop_WiFi' while moving through a neighborhood, and the answer is the SSID. No released FRQ has used SSID verbatim, but it supports the kind of best-practices reasoning topic 1.3 rewards: name the defense (verify the exact SSID) and the attack it stops (evil twin).
An SSID is the name of a network; a WAP is the hardware device that broadcasts it. One is a label, the other is a box. An evil twin attack uses a rogue WAP that broadcasts a copied SSID, so both terms appear in the same scenario but mean different things.
An SSID is the name that identifies a wireless network, like the entries you scroll through when picking Wi-Fi.
Before joining a network, verify that the SSID exactly matches the one you intend to join (EK 1.3.C.1).
Because an SSID is just a name, an adversary can copy it to set up an evil twin and trick you into connecting (EK 1.3.B.1).
An attacker on the same network can only read your unencrypted traffic, so HTTPS and a VPN still protect your sensitive data.
In war driving questions, the network name an adversary detects while moving around is the SSID.
An SSID (service set identifier) is the name of a wireless network. The CED highlights it because you should verify the SSID exactly matches the network you mean to join (EK 1.3.C.1), since attackers can clone names in evil twin attacks.
No. The SSID is the public name of the network that anyone nearby can see, while the password is the secret credential you enter to connect. An attacker copying an SSID isn't the same as stealing a password.
An SSID is the network's name; a WAP (wireless access point) is the physical device that broadcasts that name. In an evil twin attack, a rogue WAP broadcasts a copied SSID, so both show up in the same scenario but mean different things.
Yes, easily, because an SSID is just a name with nothing stopping duplication. That's exactly what an evil twin attack does (EK 1.3.B.1), setting up a network with a similar or identical SSID to fool victims into connecting.
If you connect to a fake SSID, an attacker can capture your unencrypted traffic. Verifying the exact SSID (EK 1.3.C.1), plus using HTTPS and a VPN, keeps your sensitive data safe on public networks.
Connect this key term to the AP exam workflow: review the course, practice questions, and check related study tools.