Mod 12 Day 2
Z-Wave devices operate in the ____________ frequency range. Data rates are up to ________. Typical transmission range is up to ________ meters.
sub-1GHz, 100 kbps, 100 meters
ZigBee devices primarily operate in the _______ frequency range. Data rates in this band can be up to __________. typically transmission range is between ______ to _____ meters.
2.4 GHz, 250 kbps, 10-20
Classic Bluetooth operates in the _________ frequency band using _________ modulation. The Transmission of frequency changes _____ times per second in a ______ pattern access _____ channels. Classic Bluetooth supports data rates ups to _________.
2.4GHz ISM, FHSS, 1,600, Pseudorandom, 79, 3mbps
Active tags can be read from distances ups to _______ ft or more. Passive Tags can be read up to _____ ft away.
300 ft, 30 ft
Typically QR codes can store up to _____ numeric or _________ alphanumeric characters.
7,089, 4296
The ____ _____ can be derived through reverse engineering of the classic bluetooth MAC header Checksum.
8-bit UAP
The biggest security concern with QR codes is _____ ______. explain the concept of this attack.
Attack Tagging, Malicious website that the QR codes takes one to.
the BD_ADDR os broken into three parts:
NAP, UAP and LAP
a bluetooth WPAN is known as a ______. This type of a network supports up to __ devices; ____ master and up to ___ slave devices.
Piconet, 8, 1, 7
___________ ______ are two-dimensional representation of digital data that can be interpreted by mobile devices through the use of the embedded camera.
QR Codes
NFC is a subset of ______ communications. NFC has a communication range of under _____cm, typically works under ____cm. NFC operates on a frequency of _________ and has a max data rate of ________.
RFID, 10, 4, 13.56 MHz, 424 kbps
the _____________________ may allow an attacker to get a target device to perform a new link key negotiation allowing for collection of information needed for a pin brute force attack.
Re-pairing Attack
What are the two security modes within each security model?
standard (residential), high-security (commercial)
What security concern is associated with RFID-enabled access cards, particularly those prior to 2015?
"Skimming"
bluetooth 4.0 LE supports data rates up to _______ while bluetooth 5.0 LE increased there max data rates to _____. BLE operates in the _______ frequency band used FHSS over ______ data channels and _____ advertising channels.
1 mbps, 2 mbps, 2.4GHz, 37, 3
_________ _________ _________ allows the classic bluetooth devices to alter their hopping sequences and not use channels with interference.
AFH
which discovery mode is known as inquiry scanning?
Active discovery
What is the difference between Active and Passive RFID tags?
Active has a battery and can be two types, transponder and beacon. Passive does not have a battery but is powered through the signal from a reader.
list the four methods for discovering the BD_ADDR:
Active, Passive and Hybrid Discovery and Traffic Analysis
Bluetooth profiles define _____ _____ and _______ ______ for various bluetooth uses.
Additional Functionality, Security mechanisms
The security or link key created during Traditional Pairing used with classic bluetooth is derived from 3 components:
BD_ADDR, a pin and some random number
the ____ ______ is responsible for higher layer protocols.
Bluetooth host
________ _____ indicates the device is capable off BLE communications only.
Bluetooth smart
____ _____ _____ indicates a dual-mode capability of communicating with both bluetooth classic and BLE devices.
Bluetooth smart ready
What are the three modes of NFC operation?
Card emulation, discovery, p-to-p
what are the two security models that ZigBee networks can employ?
Centralized(more Secure) Distributed(less secure)
most commonly used Bluetooth devices operate in what power class?
Class 2: 2.5 mW 10 meters
WBAN operate in what power class?
Class 3: 1 mW 1 meter
An attacker may be able to impersonate a trusted device or permitted device type to allow for attacks or information gathering through _____ ________ _______.
Device identity manipulation.
bluetooth devices advertise their BD_ADDR and device name when operating in ______ mode of operation.
Discovery
ZigBee is an upper level protocol (Network and Application layers.) What standard provides specification for layer 1 and layer 2 used by ZigBee devices?
IEEE 802.15.4
list the reasons why Bluetooth traffic is difficult to "SNIFF"?
FHSS modulation. unique long hopping pattern based on "secret" BD_ADDR of master and clock. standard bluetooth interface doesn't support a monitor-mode for passive sniffing.
T/F? NFC communications have limited all of the security concerns associated with RFID communications.
False
T/F? The BD_ADDR is transmitted on the header of the bluetooth frame.
False
T/F? ZigBee networks can configure devices in the same network to used different models and modes so that an important device can receive greater protection that non-critical devices.
False
on a classic bluetooth stack, the _____________ is the interface between the user-accessible protocols implemented on the bluetooth host and the typical inaccessible protocols implemented on the bluetooth controller.
Host Controller Interface
Z-Wave is an upper level protocol(network and application layer). what standard provides specification for layer 1 and 2 used by Z-Wave devices?
ITU-T G.9959
Since passive tags have no power source, they are read through the concept of _____ _____ where the changes in an electromagnetic field are detected by the RFID reader.
Inductive Coupling
______________ upgraded classic bluetooth security by removing the vulnerability to brute force attacks against the pin.
SSP
which security mode was designed for residential application?
Standard
In what type of network topologies can ZigBee devices be deployed?
Star, Tree and Mesh
what could be the result of manipulation data written on an RFID tag?
Swap of objects, logical duplication of objects
The ______ ______ is used to identify to which piconet a bluetooth packet belongs. It also contains the _______ ________ of the piconet's master device.
Sync Word, 24-bit LAP
What is the difference between transponders and beacons?
Transponders only emit when interrogated. Beacons emit in regular intervals.
T/F? NFC communications can be simplex, half duplex or full duplex.
True
passive discovery is conducted through _______ ______ of a device. a _____ ______ may reveal the BD_ADDR along with a barcode or QR Code to enable pairing.
Visual inspection Printed label
in what topology can Z-Wave devices be deployed?
Wireless Mesh
BLE operates in what power class?
class 1.5: 10 mW 20 meters
of the three function types that Zigbee devices can function, which one allows it to act as a trust center?
coordinator
What security concern is associated with RFID-enabled total keycards?
encryption cracking for masterkey.
The two devices that comprise an NFRC networks are ______ and ____.
initiator and target
Bluetooth interface power class 3
max power: 1 mW and approx 1 meter
Bluetooth interface power class 1.5
max power: 10 mW and approx range 20 meters
Bluetooth interface power class 1
max power: 100 mW and approx range 100 meters
Bluetooth interface power class 2
max power: 2.5 mW and approx 10 meters
What is the biggest security threat associated with Z-Wave?
optional encryption not implemented
What three major parts of an RFID system include:
reader/interrogator, an antenna and a tag
_____________ can be used to enumerate bluetooth services via the sdp
sdptool