During routine network surveillance, a network administrator notices intermittent connectivity issues on a wireless network. A protocol analyzer is employed to capture and examine the wireless traffic. What kind of information should the administrator look for in the packet capture to diagnose a potential wireless deauthentication attack launched by an unauthorized user?
High number of outbound DNS queries
Successful DHCP leases being granted
Excessive TCP retransmissions
Frequent deauthentication packets in wireless traffic