Ch. 13 - Wi-Fi, Bluetooth, and Mobile Devices
D. A networking hardware device that allows other Wi-Fi devices to connect to a wired network.
Which of the following best describes a wireless access point? A. A device that repeats the wireless signal from your router to expand its coverage. B. A device used to connect two or more computers without using any pre-existing infrastructure, such as a router. C. A device that forwards IP packets between your wireless subnet and any other subnet. D. A networking hardware device that allows other Wi-Fi devices to connect to a wired network.
A. Bluesmacking
Which of the following types of Bluetooth hacking is a denial-of-service attack? A. Bluesmacking B. Bluesnarfing C. Bluejacking D. Bluebugging
B. The SSID is a unique name, separate from the access point name.
You are configuring several wireless access points for your network. Knowing that each access point will have a service set identifier (SSID), you want to ensure that it is configured correctly. Which of the following SSID statements are true? A. The SSID name adds security, but is optional in most cases. B. The SSID is a unique name, separate from the access point name. C. The SSID and the name of the access point are the same thing. D. The SSID can be hidden, making it less vulnerable to attack.
D. Rooting or jailbreaking
Which of the following can void a mobile device's warranty, cause poor performance, or brick a mobile device (making it impossible to turn on or repair)? A. Permissions-based access controls B. Third-party applications C. Digital signing D. Rooting or jailbreaking
A. Android
Which of the following operating systems is the most prevalent in the smartphone market? A. Android B. iOS C. Blackberry D. Windows
C. Root the Android device.
Linda, an Android user, wants to remove unwanted applications (bloatware) that are pre-installed on her device. Which of the following actions must she take? A. Sideload the unwanted applications. B. Run a Settings application with administrative privileges. C. Root the Android device. D. Jailbreak the Android device.
D. hcitool inq
Which of the following Bluetooth discovery tool commands will show the Bluetooth MAC address, clock offset, and class of each discovered device? A. hciconfig hci0 up B. hcitool scan C. l2ping scan D. hcitool inq
D. A hacker installing an unauthorized access point within a company.
Which of the following best describes a rogue access point attack? A. A hacker getting a user or client to unintentionally connect to their access point instead of the legitimate point the user intended to use. B. A hacker advertising an access point using an extremely strong signal for malicious purposes. C. A hacker taking advantage of an access point that has not implemented the basic techniques to protect the network. D. A hacker installing an unauthorized access point within a company.
D. Mixing personal and corporate data
Which of the following bring-your-own-device (BYOD) risks is both a security issue for an organization and a privacy issue for a BYOD user? A. Lower cost B. Confidential data exposure C. Work flexibility D. Mixing personal and corporate data
A. Parabolic
Which of the following types of wireless antenna is shown in the image? (pic of antenna with dish) A. Parabolic B. Dipole C. Yagi D. Helical
C. Yagi
Which of the following types of wireless antenna is shown? (pic of weird antenna) A. Helical B. Parabolic C. Yagi D. Dipole
A. The creation of Bluetooth bugging and eavesdropping devices.
Which of the following Bluetooth threats has increased due to the availability of software that can be used to activate Bluetooth cameras and microphones? A. The creation of Bluetooth bugging and eavesdropping devices. B. Smartphone worms that replicate by exploiting Bluetooth connections. C. The leaking of calendars and address books through the Bluetooth protocol. D. Phone calls made through compromised smartphones to numbers that charge fees.
D. A physical location where people may obtain free internet access using Wi-Fi.
Which of the following best describes a wireless hotspot? A. A device that repeats the wireless signal from your router to expand its coverage. B. A networking hardware device that allows other Wi-Fi devices to connect to a wired network. C. A device used to create a Peer-to-Peer network. D. A physical location where people may obtain free internet access using Wi-Fi.
A. To find information that will help breach a victim's wireless network.
Which of the following best describes the purpose of the wireless attack type known as wardriving? A. To find information that will help breach a victim's wireless network. B. To capture user's critical information, such as passwords or bank account numbers. C. To trick a user into using the hacker's access point. D. To block a company's authorized wireless communications using radio noise or signals.
C. The iOS operating system stack.
Which of the following best describes this image? (graphic of IOS system stack) A. The Mobile Security Model. B. The Android Application Programming Interfaces (APIs). C. The iOS operating system stack. D. The operating system layers that can be overcome by rooting or jailbreaking.
C. Malicious websites
Which of the following mobile security concerns is characterized by malicious code that specifically targets mobile devices? A. Unsecure applications B. Phishing attacks C. Malicious websites D. Lost and stolen devices
A. airodump-ng wlp1s0mon
You are a cybersecurity consultant. The company hiring you suspects that employees are connecting to a rogue access point (AP). You need to find the name of the hidden rogue AP so it can be deauthorized. Which of the following commands would help you locate the rouge access point from the wlp1s0 interface and produce the results shown? (graphic of a terminal) A. airodump-ng wlp1s0mon B. airocrack-ng wlp1s0mon C. airmon-ng start wlp1s0 D. aircrack-ng start wlp1s0
B. The inventory will show the device as vulnerable.
Alan, an ethical hacker, roots or jailbreaks a mobile device. He checks the inventory information reported by the mobile device management (MDM) software that manages the mobile device. Which of the following describes what he expects to see in the inventory? A. The inventory will show that a device lockout has occurred, preventing anyone from using the device. B. The inventory will show the device as vulnerable. C. The inventory will show that all data has been removed from the device. D. The inventory will show that a password is no longer needed to access the device.
A. Use a Wi-Fi predictive planning tool to determine where to place your access points.
The ACME company has decided to implement wireless technology to help improve the productivity of their employees. As the cybersecurity specialist for this company, you have the responsibility of seeing that the wireless network is as secure as possible. Which of the following best describes one of the first countermeasures that should be used to ensure wireless security? A. Use a Wi-Fi predictive planning tool to determine where to place your access points. B. Actively perform radio frequency (RF) scanning to monitor the RF spectrum for rogue access points. C. Ensure that passphrases are used for WPA and WPA2 encryption. D. Perform a pre-penetration test.
D. Don't auto-upload photos to social networks.
Which of the following mobile security best practices for users is concerned with geotags? A. Don't root or jailbreak the mobile device. B. Configure a passcode to access the mobile device. C. Don't install too many applications. D. Don't auto-upload photos to social networks.
D. Acceptable use policy
Which of the following policies best governs the use of bring-your-own-device (BYOD) that connect with an organization's private network? A. Remote management policy B. Cloud usage policy C. Remote wipe policy D. Acceptable use policy
A. Check for a cross-application-scripting error
Which of the following steps in an Android penetration test checks for a vulnerability hackers use to break down the browser's sandbox using infected JavaScript code? A. Check for a cross-application-scripting error B. Check for unencrypted email passwords C. Detect capability leaks D. Exploit the Android Intents system
B. CCMP
You are a cybersecurity specialist. ACME, Inc. has hired you to install and configure their wireless network. As part of your installation, you have decided to use Wi-Fi Protected Access 2 (WPA2) security on all of your wireless access points. You want to ensure that the highest level of security is used. Which of the following encryption protocols should you use to provide the highest level of security? A. PSK B. CCMP C. WEP D. TKIP
D. Footprinting
James, a penetration tester, uses nmap to locate mobile devices attached to a network. Which of the following mobile device penetration testing stages is being implemented? A. Post-exploitation B. Scanning C. Exploitation D. Footprinting
B. Bluebugging
Jim, a smartphone user, receives a bill from his provider that contains fees for calling international numbers he is sure he hasn't called. Which of the following forms of Bluetooth hacking was most likely used to attack his phone? A. Bluesniffing B. Bluebugging C. Bluejacking D. Bluesmacking
B. sdptool
Which of the following Bluetooth configuration and discovery tools can be used to check which services are made available by a specific device and can work when the device is not discoverable, but is still nearby? A. hcitool B. sdptool C. hciconfig D. l2ping
B. Btlejuice
Which of the following Bluetooth hacking tools is a complete framework to perform man-in-the-middle attacks on Bluetooth smart devices? A. Bluediving B. Btlejuice C. BluetoothView D. BTScanner
B. l2ping
A user is having trouble connecting to a newly purchased Bluetooth device. An administrator troubleshoots the device using a Linux computer with BlueZ installed. The administrator sends an echo request to the device's Bluetooth MAC address to determine whether the device responds. Which of the following commands was used? A. hciconfig B. l2ping C. hcitool D. sdptool
A. Use hidden mode when your Bluetooth device is enabled.
Which of the following Bluetooth attack countermeasures would help prevent other devices from finding your Bluetooth device that is in continuous operation? A. Use hidden mode when your Bluetooth device is enabled. B. Use a regular pattern when pairing your device. C. Raise the power setting on Bluetooth devices. D. Ensure the Bluetooth device is operating in a lower security mode.
D. A software-based access point.
You work for a very small company that has 12 employees. You have been asked to configure wireless access for them. Knowing that you have a very limited budget to work with, which of the following technologies should you use? A. A hardware-based range extender. B. A software-based range extender C. A hardware-based access point. D. A software-based access point.
B. The Host Name is what the users see in the list of available networks when they connect to the access point.
You are configuring a wireless access point and are presented with the image shown below. Which of the following is the most correct statement regarding the access point's configuration? (graphic of access point setup) A. The Host Name and Wireless Network Name cannot be identical. B. The Host Name is what the users see in the list of available networks when they connect to the access point. C. The Wireless Network Name (SSID) is the name users see when they connect to the access point. D. The Host Name provides additional security for the access point.
C. Changing a hacker's network card to match a legitimate address being used on a network.
You have just discovered that a hacker is trying to penetrate your network using MAC spoofing. Which of the following best describes MAC spoofing? A. The process of sending many Ethernet frames, each containing different source MAC addresses, to a switch. B. Driving around in a car and searching for wireless networks that allow MAC addresses to be captured. C. Changing a hacker's network card to match a legitimate address being used on a network. D. Configuring a network card to run in promiscuous mode, allowing MAC addresses to be captured.
B. Lower the Bluetooth power setting on the smartphone and headset.
Ann has a corner office that looks out on a patio that is frequently occupied by tourists. She likes the convenience of her Bluetooth headset paired to her smartphone, but is concerned that her conversations could be intercepted by an attacker sitting on the patio. Which of the following countermeasures would be the most effective for protecting her conversations? A. Disable the headset when it is not being used. B. Lower the Bluetooth power setting on the smartphone and headset. C. Add a Bluetooth firewall to the smartphone. D. Use a non-regular pattern when pairing the headset.
D. Spyware can monitor and log call histories, GPS locations, and text messages.
Which of the following describes the risks of spyware that are particular to mobile devices? A. Spyware can crack weak passwords. B. Spyware can exploit applications that have not been patched. C. Spyware can root or jailbreak a mobile device. D. Spyware can monitor and log call histories, GPS locations, and text messages.
C. A combination of an on-device application or agent that communicates with a backend server to receive policies and settings.
Which of the following describes Mobile Device Management software? A. The policies and procedures used by an organization to maintain security and permissions on mobile devices. B. The policy that specifies the acceptable use of mobile devices supplied by an organization and bring-your-own-devices (BYOD). C. A combination of an on-device application or agent that communicates with a backend server to receive policies and settings. D. An application that allows a mobile device to be used for both professional and personal needs.
B. CoffeeShop
From your Kali Linux computer, you have used a terminal and the airodump-ng command to scan for wireless access points. From the results shown, which of the following is most likely a rogue access point? (graphic of a terminal showing a rogue access point) A. Ricks B. CoffeeShop C. CorpNet2 D. CorpNet3
D. The use of man-in-the-middle attacks, spoofing, and other attacks to take advantage of client-side vulnerabilities.
Which of the following describes the exploitation stage of the mobile device penetration testing process? A. The use of scanning tools to locate mobile devices attached to your network. B. The use of scanning tools to determine which wireless networks the mobile device is looking for. C. The inspection of data areas on the mobile device for sensitive information. D. The use of man-in-the-middle attacks, spoofing, and other attacks to take advantage of client-side vulnerabilities.
D. sdptool
Which of the following Bluetooth discovery tools will produce the output shown below? (graphic of bluetooth output) A. hcitool B. l2ping C. hciconfig D. sdptool
C. Access controls
Which key area in the mobile device security model is supported by device designers requiring passwords, biometrics, and two-factor authentication methods? A. Isolation B. Digital signing C. Access controls D. Encryption
D. Configure the device to remotely wipe as soon as it is reported lost. & E. Configure the device to wipe after a number of failed login attempts.
Jose, a medical doctor, has a mobile device that contains sensitive patient information. He is concerned about unauthorized access to the data if the device is lost or stolen. Which of the following are the best options for preventing this from happening? (Select two.) A. Keep the operating system and applications up to date by installing the latest updates. B. Install a locator application on the device so that it can be traced. C. Configure the device for multifactor authentication. D. Configure the device to remotely wipe as soon as it is reported lost. E. Configure the device to wipe after a number of failed login attempts.
C. An attacker changes the Bluetooth address of his own device to match the address of a target device so that the data meant for the victim device reaches the attacker's device first.
Which of the following best describes Bluetooth MAC spoofing? A. An attacker exploits a Bluetooth device by installing a backdoor that bypasses normal authentication, giving the attacker full access. B. An attacker performs a denial-of-service attack where the L2CAP layer of the Bluetooth protocol stack is used to transfer an oversized packet, causing the L2CAP layer to crash. C. An attacker changes the Bluetooth address of his own device to match the address of a target device so that the data meant for the victim device reaches the attacker's device first. D. An attacker sends unwanted data, such as annoying messages, to Bluetooth devices that are enabled and discoverable.
A. A penetration suite that runs on Linux that can implement several attacks, including bluebug, bluesnarf, and bluesmack, and also performs Bluetooth address spoofing.
Which of the following best describes the Bluediving hacking tool? A. A penetration suite that runs on Linux that can implement several attacks, including bluebug, bluesnarf, and bluesmack, and also performs Bluetooth address spoofing. B. An Android phone application that can be used to view the files on another Bluetooth-connected Android phone. C. A small utility that lists discoverable Bluetooth devices with information such as the device name, Bluetooth address, major device type, and minor device type. D. A complete framework to perform man-in-the-middle attacks on Bluetooth smart devices that is composed of an interception core, an interception proxy, and a dedicated web interface.
C. Clear text passwords are shown.
You are the cybersecurity specialist for your company and have been hired to perform a penetration test. You have been using Wireshark to capture and analyze packets. Knowing that HTTP POST data can sometimes be easy prey for hackers, you have used the http.request.method==POST Wireshark filter. The results of that filter are shown in the image. After analyzing the captured information, which of the following would be your biggest concern? (graphic of filtered capture) A. Checksum validation has been disabled. B. Port 54014 has not been secured. C. Clear text passwords are shown. D. The checksum is unverified.
