8.2/ Wireless Attacks

¡Supera tus tareas y exámenes ahora con Quizwiz!

Crack Wi-Fi encryption with Aircrack-ng

1. Enable monitor mode on a wireless adaptor by using 'airmon-ng' command to put the network card into monitor mode 2. Capture handshake 3. Capture Wi-Fi key

Use wireless attack tools

1. Kali Linux Tools (Fern Wi-Fi Cracker) 2. Use Internet to find tools (Aircrack, Airsnort, Cain &Able, Wireshark, wigle.net, etc) 3. Hack a wireless network (easy to bypass MAC address filtering) 4. Change wireless interface to monitor mode : a.To change wireless interface to monitor mode, identify the name of the wireless card b. Type 'ifconfig' or 'ip address show' and enter c. To take interface down, use 'iwconfig' command to switch it to Monitor mode d. Type 'airmon-ng check wlan0' command to make sure there aren't any processes that will conflict with the tool we are going to use e. Kill any processes that appear 5. Capture signals with Airodump 6. Spoof MAC address 7. Connect to the network

Configure rogues host protection

1. Log in to wireless controller 2. Select config 3. Configure self-healing on the wireless network 4. Configure background scanning for rogue device detection 5. Configure load balancing 6. Configure band balancing 7. Reduce power levels in building As

Initialization vector(IV)

A seed value used in encryption The seed value and key are used in an encryption algorithm to generate additional keys or encrypt data

Interference

A signal that corrupts or destroys a wireless signal can affect communication of access points and other wireless devices

Rogues access points

Any unauthorized access point added to a network

Which type of RFID tag can send a signal over a long distance?

Active

What is the difference between passive and active radio frequency identification (RFID) tags?

Active RFID tags have onboard batteries and can send signals over a long distance (Ex. road toll pass) Passive RFID tags are seen in ID badges, credit cards and similar devices. Not powered and relies on the energy of the scanner to transmit data

Which of the following best describes an evil twin?

An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.

You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)

Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.

Detect rogue hosts

Configure wireless controller to detect rogue hosts 1. go to Insight > Untrusted Rogue APs -> no list yet 2. trigger a scan to look for -> go back to check untrusted rogue APs -> find the list

Which type of interference is caused by motors, heavy machinery, and fluorescent lights?

EMI

Which type of attack is WEP extremely vulnerable to?

IV attack

You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal. Which type of attack are you most likely experiencing?

Jamming

Radio frequency identification

RIFD uses radio waves to transmit data from small circuit boards called RFID tags to special scanners

An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?

Relay

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?

Rogue access point

What is an initialization vector used for?

Used in encryption WEP encryption that uses IV can be cracked in as little as 1-2 minutes, so no longer use this Newer standards such as WPA2 and WPA3 do not use IVs in the encryption process

Which of the following best describes Bluesnarfing?

Viewing calendar, emails, and messages on a mobile device without authorization

Near Field Communication (NFCP

allows two-way communication between two devices The devices myst be within a few centimeters of each other Newer techonology that is built on RFID

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

bluejacking

What is the difference between bluejacking and bluesnarfing?

bluejacking: looks for nearby devices that are in discovery mode and sends unwanted messages The attacker is unable to steal any data bluesnarfing: exploits a vulnerability in the object exchange protocol that allows an attacker to pair to the target device. Once paired, the attacker can view the calendar, emails, text messages, contact lists, and other data on the device


Conjuntos de estudio relacionados

Research Note Cards ( Animal Rights)

View Set

PSY1001 Final Exam Review (13,14,15,16)

View Set

Cellular Respiration & Photosynthesis

View Set