CDS444
Service set identifier (SSID) cloaking prevents the advertising of a wireless LAN ( WLAN) SSID. Doing so hides the network from unauthorized client stations. Which of the following can defeat network cloaking?
A protocol analyzer
An evil twin is which of the followin?
A rogue access point (AP)
Which of the following is used to encrypt data of arbitrary lengths and tends to have less overhead and better throughput performance?
A stream cipher
Madison is the assistant manager of her company's finance department. she receives an email from the IT department director requesting the password and service set identifier (SSID) of her department's wireless access point. Madison suspects this is some form of social engineering because the IT director should already have access to that information. What form of social engineering is being used
Authority Scam
A malicious attacker is using an inexpensive directional antenna to detect and monitor a business's wireless network from his car. The vehicle is parked on the street about 100 yards from the target building. The attacker is gathering information from the network , such as authentication type, encryption type, and channels in useAt which layer of the Open Systems Interconnection ( OSI) Reference Model is he observing?
Layer 2 (data link Layer)
Android applications rely on process sandboxing to ensure security . Security issues created in one application will not affect other applications. The same isolation applies to resources, memory, and inter-process communications. What is the underlying attribute that permits Android applications to run like this?
Linux Kernel multi-user environment
On a network, what is the practice of impersonating authorized users to gain their level of privileges
Masquerading
You are a networking consultant who has been asked to penetration test the network of a small business . The company's tech support person gave you WPA2 -PSK credentials and the service set identifier (SSID ) of a wireless access point . You try to log on to the network but cannot connect . What is the most likely problem and how can you overcome it?
Media Access Control (MAC) filtering is in place. Scan the network, and then steal and spoof a genuine MAC address.
Which of the following provides a distribution platform for apps with application lifestyle management and handles software licensing , configuration , and usage tracking ?
Mobile application management (MAM)
What is the major difference between Android and other mobile operating systems apart from its open system model?
Once the owner gives permission to an application, the device will not prompt for permission again
A sports arena wants to provide wireless connectivity to spectators to allow them to interact during games. Spectators are considered a transient group , needing short-term access without a secure connection . Arena management desires a solution that requires little to no active management after the initial setup. Which solution is the most appropriate to arena management and spectators' needs?
Open Access
Which mobile device threat or exploit involves hijacking the device to participate in mass attacks on a third -party network?
Participating in distributed denial of service (DDoS) attacks
Under what circumstance would you most likely use a wireless extender or repeater in a small office/ home office (SOHO) design?
Persistent low signal
A company's IT security team is considering a new security awareness program for employees. The team believes mobile users need mobile - specific awareness training , especially regarding threats that are more likely to occur due to the relatively small mobile screen . What training subject is most relevant to this scenario ?
Phishing Attacks
When placing an access point for a small office /home office (SOHO) to maximize security , which of the following is a typical liability ?
Placing the access point near an exterior wall or window
The use of a walled garden is most closely associated with which of the following ?
Quarantining
Which of the following is not a major security improvement in WiFi Protected Access version 3 (WPA3)?
RADIUS-based authentication
Which aspect of an enterprise security policy is most likely to address virtual private network (VPN) connections?
Remote Access Policies
The volunteer network technician of a school recently installed wireless access, granting teachers access to a wireless local area network (WLAN). After a few weeks, teachers noticed that the online gradebooks had been tampered with. they notified the network technician, who suspected that students had been eavesdropping on the wireless communication. What improvement should the network technician make to the WLAN?
Require encryption to be used between devices and the wireless access points
Bluetooth devices that use which mode are designed and produced with no security features, making them vulnerable to attack
Security Mode 1
Which component of the Android security architecture ensures that native code is constrained by the application sandbox?
Security at the OS Linux Kernel
What is an effective method of protecting an organization's assets in a Bring Your Own Device (BYOD) model?
Security policies
You are a networking consultant who has been asked to penetration test the network of a small business . You do not have any details regarding the network . You initially notice that employees are using laptops and tablets but you cannot find any available Wi -Fi network . What basic security measure is being deployed , and how can you defeat it?
Service Set Identifier (SSID) Cloaking; using kismet
Which of the following is an Application Layer protocol used to provide a message format for exchanging information between a network management system (NMS) and a host agent ?
Simple Network Management Protocol Version 3 (SNMPv3)
What is the main reason why social engineering is often successful?
Social engineers know how to take advantage of human tendencies
As Google and Apple have released operating system version updates over the years, which of the following occurred?
Some security principles were relaxed
Considering the Open System Interconnection (OSI) Reference Model Layers, what denial of service (DoS) attack is unique to wireless networks?
Spoofed MAC address sending authenticate request on the media access control layer
Which of the following is not.a bluetooth vulnerability
Switching off discovery mode
Ashley is a wireless network engineer for her company. She is visiting a branch office for the first time in several months. She notices that the furniture has been rearranged and that the trees and shrubs surrounding the building have been trimmed recently. What is her concern regarding the impact of those changes on the wireless LAN (WLAN) and radio frequency (RF) signals
That the WLAN's RF signals will extend beyond the boundaries of the building
Rooting, or overriding Android operating system (OS) security, gives the user root (super-user) permissions on an Android device. Which subset or section of the Android operating system is rooted?
The OS Kernel
A Remote Authentication Dial-In User Service (RADIUS) client is often built into a wireless access point ( VAP) . Which of the following best represents the WAP's role versus the RADIUS server in authenticating the client?
The WAP sends an authentication request to the RADIUS server
Which of the following is a characteristic of the Android sandbox ?
The application kernel is within the operating system (OS) kernel
In Android , only trusted applications can access protected application programming interfaces (AP|s) , such as those associated with such as the camera and location data. Trusted APIs are protected by permissions . Which of the following is not true of permissions ?
The owner can revoke an installed application's individual permissions at anytime
Which of the following is not a feature of Windows Phone architecture?
The release of only one new phone per year
If Microsoft and Google implement their own versions of Handoff -like technology , what is a likely outcome ?
The sandbox concept will be relaxed
What is the purpose of jailbreaking an Apple iOS device?
To give users privileged control and install applications from any source
What is the purpose of an application sandbox
To run applications in isolation
True or False ? A dead spot on a wireless network is where the radio signal does not reach .
True
True or False ? The IEEE 802.1X specification describes three entities : supplicant authenticator , and authentication server
True
True or False ? The Wi- Fi Protected Access 3 (WPA3 ) protocol specifically defines a new handshake that eliminates the passphrase handshake vulnerability with WPA2
True
True or False? Disabling unused Ethernet switch ports by default helps to prevent rogue access points from getting an Ethernet backhaul connection .
True
True or False? For enterprises and large organizations, the 802.11i standard requires 802.1X for Enterprise mode as the authentication mechanism
True
True or False? In the Android OS, broadcast receivers respond to systemwide notifications such as "battery low" or "microphone unplugged."
True
True or False? Mobile device management (MDM) and mobile application management (MAM) are considered subsets of enterprise mobility management (EMM) .
True
True or False? Open System Authentication (OSA) is in useShared Key Authentication (SKA) is deprecated and no longer in use .
True
True or False? The Android software stack contains the security measures required to secure applications, with each layer assuming that the components lower in the stack are secure.
True
True or False? The App Store is the only authorized source for third-party applications for iPhones, iPods, and iPads.
True
True or False? Used with Simple Network Management Protocol Version 3 ( SNMPv3) , a message information base ( MIB) is a database for storing network information such as latency and jitter
True
True or False? Wi -Fi as a Service (WaaS ) outsources the management of wireless networks to cloud-based service providers .
True
True or False? Windows Phone 8.1 is a closed system and the underlying OS code is not available to developers.
True
True or false? Wardriving can be used to launch a replay attack
True
True or false? the BleedingBit Bluetooth vulnerability does not need to pair with the victim device to be effective
True
True or false? the skill level of some hackers makes the task of 100% security nearly impossible
True
True or False? Bring Your Own Applications (BYOA) is a term for when employees use third-party cloud application services in the workplace .
Truw
A faulty transmitter on a company's wireless LAN (WLAN) is constantly transmitting. Because only one radio station can transmit at a time, none of the other devices can communicate. This creates a denial of service (DoS). which of the following attack is being used.
Unintended
In addition to the Android operating system being open source, the source code behind the applications running on Android is also viewable . The process to view source code within any Android application involves which step?
Using Android SDK to decompile the code
Which of the following is a type of internal user segmentation that uses access control lists ( ACLs) and service set identifiers (SSIDs )?
Virtual Local Area Network (VlLAN)
the following which should be the first choice in wireless data protection ?
WPA2 + CCMP
Which of the following provides data privacy over public networks, protection against brute force attacks, and perfect forward secrecy ?
WPA3
There are two opposing models of source code management for mobile operating systems One is the open source model which developers can freely alter. The Android operating system follows this model . Apple's operating system follows the other model . Which of the following best characterizes the Apple iOS philosophy ?
Walled garden
What is the practice of searching for wireless access points using unauthorized and covert reconnaissance
Wardriving
What is a pre-Robust Security Network (RSN ) Layer 2 encryption method that protects information in the payload from Layers 3 through 7?
Wired Equivalent Privacy (WEP)
Given the ubiquitous nature of Bring Your Own Device (BYOD) in organizations , along with working from home, what is a primary concern of IT security professionals ?
Wireless Security in the home office
which of the following is not true of Bluetooth security modes
With Bluetooth security Modes 1 through 3, no service security trust model is applied
You are a networking consultant who has been asked to penetration test the network of a small business. You locate a target wireless network and can connect , but you cannot authenticate because it uses WPA2 - PSK encryption . How can you bypass the encryption ?
You can try social engineering techniques to get the shared password
Ad hoc networks are a known risk in corporate environments. Which of the following is true of ad hoc networks in a corporate setting?
ad hoc connections should be avoided whenever possible
True or false? Assuming the same level of skill, an outsider is a higher risk to security that a trusted insider
false
True or false? wireless networks are vulnerable to malicious data injection because these networks do not use firewall
false
Susan is a developer. She wants to create a mobile application for either an Android device or an Apple iOS device Because Susan is security conscious , her goal is to ensure hackers cannot modify an application after it is released What platform ( s) can she release the application on, and why ?
iOS, kept secure by application provenance
Which of the following is not true of enterprise mobility management (EMM) ?
it is designed only for windows phone
Which of the following is created by app developers specifically to monetize their applications through connections to aggressive third-party advertising networks?
potentially unwanted application (PUA)
What is the purpose of rooting an Android device ?
to give users privileged control and install application from any source
Which of the following is a best practice when attempting to contain radio- frequency (RF) waves within a building?
use semidirectional antennas
Which of the following can scan the network, looking for security issues and vulnerabilities on Android devices?
Android Framework for Exploitation
Which of the following is the official Android development tool?
Android SDK
True or False? Extensible Authentication Protocol (EAP) works by creating a secure tunnel using Lightweight Extensible Authentication Protocol (LEAP)
False
True or False? Media Access Control (MAC ) addresses cannot be spoofed
False
True or False? Mobile application management (MAM) software often provides remote control to allow an administrator to take control of the phone .
False
Which mobile phone threat or exploit involves the activation of another location and tracking port to monitor location?
Global positioning system (GPS) tracking
A hotel is an environment in which many individuals demand wireless access, yet access should be granted only to paying guests. A solution is needed to interrupt the connection attempt and validate paying hotel guests. Which of the following solutions provides the best and most common approach?
Guests use a captive portal and a authenticated dynamic host configuration protocol
Of the following, where is it most important to use a virtual private network (VPN) connection for data security?
In a public space such as a coffee shop
You are a network administrator. The network you manage has a wireless access point and a repeater. You detect a dead spot while checking coverage. How do you compensate for the dead spot ?
Increase the power settings of the wireless access point
Which of the following is not true of Handoff?
It allows a user to switch between an iPhone and a Windows Phone device seamlessly
What makes the Apple iPhone with iOS ideal for Bring Your Own Device (BYOD) ?
It has one operating system and only one or two models of each version of the devices
Which of the following is not true of Open System Authentication (OSA) ?
It is the most secure method of Layer 2 authentication
Which of the following is not true of jailbreaking Apple iOS?
It supports the walled garden security approach
Which of the following is used to provide an Internet Protocol (IP) address and a network configuration to previously authenticated clients ?
Authenticated Dynamic Host Configuration Protocol (DHCP)
Domingo is a network security consultant hired by a multinational corporation . He is assessing security controls in the client's IT infrastructure . The client has proof that it has been the victim of a multi - phased attack carried out by a nation state-backed hacker consortium over the course of 14 months . The group stole highly valuable proprietary information . What kind of attack is the client describing ?
Advance Persistent Threat (APT)
Which aspect of an enterprise security policy is most likely to address Remote Authentication Dial -In User Service (RADIUS ) and the deployment of thin access points ?
Centralized versus Distributed design and management
On a network, which type of guest access enables all visitors to share a known password for user authentication ?
Common guest password
Which of the following is an encapsulation method used to securely transport keying material for encryption over wireless and Point-to-Point Protocol (PPP) networks ?
Extensible Authentication Protocol (EAP)
True or False? Always on Listening is an Apple iOS feature that allows users to move seamlessly between devices , continuing right where they left off when they switch devices .
False
True or False? Android does not have the ability to encrypt data through cryptographic application programming interfaces (APIs)
False
True or False? Apple is open source and follows a walled garden philosophy.
False
Which of the following enables external user segmentation in which a visitor Wi-Fi network is on its own Wi-Fi subnet?
Demilitarized Zone (DMZ)
A large hospital campus is redesigning its wireless network. The goal is to create a simple architecture while keeping maintenance costs to a minimum. Which of the following is a likely component in this implementation?
Deploy thin access points and a centralized controller
Which component of the Apple architecture involves passwords, pins, and remote wipe?
Device Access
Which of the following makes it impossible for cybercriminals to modify or tamper with released Apple iOS applications?
Digital certificate form approved products
Which component of the Android security architecture identifies application authors and deters or prevents malware ?
Digital signing of applications
Which of the following provides a means to identify neighboring devices on a network and create a network map?
Discovery Protocols
