6013 Security in Mobile Computing Final
Which of the following are true about SSO?
-Users need to remember only one password. -It reduces the management burden of IT. -It can enhance security on a well-run network or worsen security on a poorly run network.
Which of the following versions of SNMP offer protection in the form of encryption?
. SNMPv3
Which of the following describes an evil twin?
A version of a rogue AP in which the device masquerades as a legitimate access point
An 802.11 wireless client can be which of the following?
A. A wireless-enabled PC B. An access point C. A Wi-Fi-enabled phone D. A wireless thermostat
Which of the following describes AES encryption?
A. It is a block cypher. B. It is theoretically crackable, although the time and resources required make it a impractical. C. It is used with IPSec, WPA, and WPA2.
Which of the following best describes SSID segmentation?
A. It is practical in SOHO environments. B. It is a good way to apply different policies to different groups. C. It can give greater throughput to certain users or groups.
Which of the following are sources of RF interference?
A. Microwave ovens B. Bluetooth radios C. Other wireless networks D. Malicious jammers
Extensible Authentication Protocol does which of the following?
A. Protects authentication credentials B. Can be used over a LAN to securely connect to a RADIUS server C. Is independent of the authentication method used
Wardrivers look for which of the following vulnerabilities?
A. The use of default administrative usernames and passwords B. No or weak encryption C. The use of default SSID settings
Why is packet analysis particularly problematic on wireless networks?
A. You can "listen" to traffic without a physical connection. B. Unlike wired networks, you don't need port mirroring to see all the traffic. C. Packets can be modified and reinserted without authentication. D. It can be used to initiate a local denial of service attack.
Self-organizing WLANs do which of the following?
Adjust power levels and channels via a controller to ensure peak performance
3. A basic service set is comprised of which of the following?
An access point and several wireless clients
The ability of many smart devices to access mobile and Wi-Fi networks simultaneously creates potential issues with which of the following?
Data leakage
Grid and parabolic antennas are examples of which of the following?
Directional antennas
5. Thin access points have basic switching capabilities.
False
Passive scanning allows a client to find a wireless network for the first time?
False
Passive surveys automatically collect and assess connection-quality information.
False
Site surveys help determine RF coverage only.
False
Unskilled attackers are not a threat and can be disregarded.
False
Wireless-based DoS attacks only happen at Layer 1.
False
Why does social engineering tend to work?
Hackers know how to take advantage of human behaviors and tendencies.
4. What is the effect of increasing the gain on an omnidirectional antenna?
It increases horizontal coverage while decreasing vertical coverage.
Which of the following describes binary protection?
It prevents rogue developers from reverse engineering or tampering with application code.
Which of the following is a good way to prevent rogue access points?
Lock down (shut off) unused Ethernet ports.
Why are certificate authority (CA) exploits an issue on smart devices?
Many mobile applications are deployed without requiring a check of the validity of SSL certificates.
Which of the following describes the act of wardriving?
Searching for unsecured wireless networks while driving around
Which of the following KPIs is unaffected by the use of Voice over IP (VoIP) or Voice over WLAN (VoWLAN)?
Security
Which of the following is not true about captive portals?
They are used only for hacking purposes and should be avoided.
In addition to searching for rogue devices, scanning wireless networks is also used to do which of the following?
To verify that security measures are in place on authorized access points
Clients on the same VLAN act as if they are on a common switch with the same policies regardless of where they are located.
True
IPSec is a very secure protocol suite that's easy to implement with a shared secret.
True
Most Bluetooth vulnerabilities are based on how they connect, or peer, with each other, and can be mitigated by disabling connectivity while out of the office.
True
Unauthorized wireless access is often a means of access for sophisticated attacks.
True
Which of the following is the best way to increase the range of a wireless signal?
Use a wireless extender.
Which of the following is not a risk from client side-injection attacks?
data leakage
All 40 of the Extensible Authentication Protocol (EAP) methods of authentication are approved for WPA and WPA2.
false
It does not matter where you place an access point within a home or a building because you can increase the power to get the needed coverage.
false
PC-based USB exploits are not a concern for mobile devices because most of these devices do not have USB ports.
false
The RADIUS server is a central repository for all the authentication data and can issue the success or fail notifications. However, the access point still needs to know the client's authentication credentials.
false
WPA has been deprecated and should not be used.
false
Weak server-side security does not pose a direct threat to mobile clients.
false
Which of the following describes MAC filtering?
not flawless, does not work at layer 3, not an approved data protection method
Assignment to a VLAN can be determined through the authentication process when joining a network.
true
Changing the passphrase is a good way to eliminate or identify unknown clients on a WLAN.
true
Discovery protocols are great for IT personnel, but are also useful to hackers; for this reason they should be limited and carefully controlled.
true
For larger networks or campuses, centralized control greatly simplifies design and tends to work better due to the time savings offered with regard to maintenance.
true
