The tool described matches Fern WiFi Cracker because CEH wireless assessment workflows commonly reference GUI-based auditing utilities that combine packet capture, wireless injection support, and key recovery attempts in one interface. The scenario specifically mentions three core capabilities: capturing wireless packets, sending de-authentication frames to trigger client reconnects, and attempting to recover the encryption key. Those steps align with the typical WPA cracking methodology discussed in CEH learning paths: capture the WPA handshake when a client connects, optionally force a reconnection by sending de-authentication frames, then perform an offline attack against the captured handshake using a wordlist or brute-force approach. Fern WiFi Cracker is known for presenting these functions through a graphical interface, making it a common example of an “all-in-one” Wi-Fi auditing tool.

The other options are defensive monitoring and prevention platforms, not offensive auditing tools used to actively deauthenticate clients or attempt key recovery. RFProtect, Cisco Adaptive Wireless IPS, and WatchGuard Wi-Fi Cloud WIPS are Wireless Intrusion Prevention and Monitoring solutions designed to detect rogue access points, identify attacks such as deauthentication floods, enforce wireless security policies, and generate alerts for security teams. They are used to stop or respond to attacks rather than conduct packet capture plus key-recovery attempts as part of an assessment.

Because the question emphasizes a single graphical interface that captures traffic, injects deauth frames, and attempts key recovery, the correct match among the choices is Fern WiFi Cracker.