Chap 13 Q/A
12. Bart knows that there are two common connection methods between Wi-Fi devices. Which of the following best describes ad hoc mode? A. Point-to-point B. NFC C. Point-to-multipoint D. RFID
A. Point-to-point Ad hoc networks work without an access point. Instead, devices directly connect to each other in a point-to-point fashion. Infrastructure mode Wi-Fi networks use a point-tomultipoint model.
6. Daniel knows that WPA3 has added a method to ensure that brute-force attacks against weak preshared keys are less likely to succeed. What is this technology called? A. SAE B. CCMP C. PSK D. WPS
A. SAE Simultaneous Authentication of Equals (SAE) is used to establish a secure peering environment and to protect session traffic. Since the process requires additional cryptographic steps, it causes brute-force attacks to be much slower and thus less likely to succeed while also providing more security than WPA2's preshared key (PSK) mode. WPS is Wi-Fi Protected Setup, a quick setup capability; CCMP is the encryption mode used for WPA2 networks. WPA3 moves to 128-bit encryption for Personal mode and can support 192-bit encryption in Enterprise mode.
8. Theresa has implemented a technology that keeps data for personal use separate from data for her company on mobile devices used by members of her staff. What is this concept called? A. Storage segmentation B. Multifactor storage C. Full-device encryption D. Geofencing
A. Storage segmentation Storage segmentation is the concept of splitting storage between functions or usage to ensure that information that fits a specific context is not shared or used by applications or services outside of that context. Full-device encryption encrypts the entire device, geofencing is used to determine geographic areas where actions or events may be taken by software, and multiactor storage was made up for this question.
1. Alyssa wants to use her Android phone to store and manage cryptographic certificates. What type of solution could she choose to do this using secure hardware? A. SEAndroid B. A microSD HSM C. A wireless TPM D. MDM
B. A microSD HSM A hardware security module (HSM) in a microSD form factor allows a mobile device like an Android phone to securely store and manage certificates. Alyssa will also need an application to access and use the HSM, but she will have a complete, portable, and secure solution for her PKI needs. SEAndroid allows mandatory access control to be enforced on an Android device. TPMs are connected to systems and are often integrated into the motherboard or added as plug-in module, not a wireless component. MDM is not a secure hardware solution, but it is a software solution for managing mobile devices.
19. Gurvinder wants to select a mobile device deployment method that provides employees with devices that they can use as though they're personally owned to maximize flexibility and ease of use. Which deployment model should he select? A. CYOD B. COPE C. BYOD D. MOTD
B. COPE Gurvinder's requirements fit the COPE (corporate-owned, personally enabled) mobile device deployment model. Choose your own device (CYOD) allows users to choose a device but then centrally manages it. BYOD allows users to use their own device, rather than have the company provide it, and MOTD means message of the day, not a mobile device deployment scheme.
3. Michelle has deployed iPads to her staff who work her company's factory floor. She wants to ensure that the devices work only in the factory and that if they are taken home they cannot access business data or services. What type of solution is best suited to her needs? A. Context-aware authentication B. Geofencing C. Geolocation D. Unified endpoint management (UEM)
B. Geofencing Geofencing will allow Michelle to determine what locations the device should work at. The device will then use geolocation to determine when it has moved and where it is. In this case, the correct answer is therefore geofencing—simply having geolocation capabilities would not provide the solution she needs. Context-aware authentication can help by preventing users from logging in when they aren't in the correct location, but a device that was logged in may not require reauthentication. Finally, UEM, much like mobile device management, can be used to enforce these policies, but the most correct answer is geofencing.
18. Laura wants to deploy a WPA2 secured wireless for her small business, but she doesn't have a RADIUS server set up. If she wants her Wi-Fi to be encrypted, what is her best option for wireless authentication? A. EAP B. PSK C. EAP-TLS D. Open Wi-Fi with a captive portal
B. PSK In small business and home environments, preshared keys (PSKs) allow encryption without enterprise authentication and a RADIUS server. Both EAP and EAP-TLS are used in enterprise authentication environments, and open Wi-Fi doesn't use encryption.
13. Susan wants to ensure that the threat of a lost phone creating a data breach is minimized. What two technologies should she implement to do this? A. Wi-Fi and NFC B. Remote wipe and FDE C. Containerization and NFC D. Geofencing and remote wipe
B. Remote wipe and FDE Susan's best options are to use a combination of full-device encryption (FDE) and remote wipe. If a device is stolen and continues to be connected to the cellular network, or reconnects at any point, the remote wipe will occur. If it does not, or if attackers attempt to get data from the device and it is locked, the encryption will significantly decrease the likelihood of the data being accessed. Of course, cracking a passcode, PIN, or password remains a potential threat. NFC and Wi-Fi are wireless connection methods and have no influence on data breaches due to loss of a device. Geofencing may be useful for some specific organizations that want to take action if devices leave designated areas, but it is not a general solution. Containerization may shield data, but use of containers does not immediately imply encryption or other protection of the data, simply that the environments are separated.
10. Madhuri disables SMS, MMS, and RCS on phones in her organization. What has she prevented from being sent? A. Phone calls and texts B. Text messages and multimedia messages C. Text messages and firmware updates D. Phone calls and multimedia messages
B. Text messages and multimedia messages SMS (Short Message Service) is used to send text messages, and MMS and RCS provide additional multimedia features. Neither provides phone calls or firmware updates.
17. Amanda wants to create a view of her buildings that shows WiFi signal strength and coverage. What is this type of view called? A. A channel overlay B. A PSK C. A heatmap D. A SSID chart
C. A heatmap Amanda wants to create a heatmap which shows the signal strength and coverage for each access point in a facility. Heatmaps can also be used to physically locate an access point by finding the approximate center of the signal. This can be useful to locate rogue access points and other unexpected or undesired wireless devices. PSK stands for preshared key, a channel overlay is not a commonly used term (although channel overlap is a concern for channels that share bandwidth), and SSID chart was made up for this question.
5. During a site survey, Chris discovers that there are more access points broadcasting his organization's SSID than he expects there to be. What type of wireless attack has he likely discovered? A. An identical twin B. An alternate access point C. An evil twin D. A split SSID
C. An evil twin Evil twins are access points configured to appear to be legitimate access points. In this case, Chris should determine where his access points are, and then use his wireless surveying tools to locate the potentially malicious access point. Although it is possible that a member of his organization's staff has configured their own access point, Chris needs to be sure that attackers have not attempted to infiltrate his network. Identical twin, alternate access point, and split SSD were made up for this question.
20. Octavia discovers that the contact list from her phone has been acquired via a wireless attack. Which of the following is the most likely culprit? A. Bluejacking B. An evil maid C. Bluesnarfing D. An evil twin
C. Bluesnarfing Bluesnarfing is the theft of information from a Bluetooth enabled device. If Octavia left Bluetooth on and has not properly secured her device, then an attacker may have been able to access her contact list and download its contents. A bluejacking attack occurs when unwanted messages are sent to a device via Bluetooth. Evil twins are malicious access points configured to appear to be legitimate access points, and an evil maid attack is an in-person attack where an attacker takes advantage of physical access to hardware to acquire information or to insert malicious software on a device.
15. Alaina has implemented WPA2 and uses enterprise authentication for access points in infrastructure mode. What encryption protocol is her network using? A. WEP B. TKIP C. CCMP D. IV
C. CCMP CCMP is the encryption protocol used for WPA2. A block cipher, CCMP provides confidentiality, authentication, and access control features. WEP is the protocol used before WPA, TKIP was used in WPA prior to the use of CCMP in WPA2, and IV is an initialization vector.
14. What are the two most commonly deployed biometric authentication solutions for mobile devices? A. Voice recognition and face recognition B. Fingerprint recognition and gait recognition C. Face recognition and fingerprint recognition D. Voice recognition and fingerprint recognition
C. Face recognition and fingerprint recognition Current mobile device implementations have focused heavily on facial recognition via services like Apple's FaceID and fingerprint recognition like Android's fingerprint scanning and Apple's TouchID. Gait recognition is not a widely deployed biometric technology and would be difficult for most mobile device users to use. Voice recognition as a biometric authenticator has not been broadly deployed for mobile devices, whereas voice-activated services are in wide usage.
7. Isabelle needs to select the EAP protocol that she will use with her wireless network. She wants to use a secure protocol that does not require client devices to have a certificate, but she does want to require mutual authentication. Which EAP protocol should she use? A. EAP-FAST B. EAP-TTLS C. PEAP D. EAP-TLS
C. PEAP Isabelle should select PEAP, which doesn't require client certificates but does provide TLS support. EAP-TTLS provides similar functionality but requires additional software to be installed on some devices. EAP-FAST focuses on quick reauthentication, and EAP-TLS requires certificates to be deployed to the endpoint devices.
11. What is the most frequent concern that leads to GPS tagging being disabled by some companies via an MDM tool? A. Chain of custody B. The ability to support geofencing C. Privacy D. Context-aware authentication
C. Privacy Geotagging places a location stamp in documents and pictures that can include position, time, and date. This can be a serious privacy issue when pictures or other information are posted, and many individuals and organizations disable GPS tagging. Organizations may want to enforce GPS tagging for some work products, meaning that the ability to enable or disable it in an MDM tool is quite useful. Chain of custody is a forensic concept, the ability to support geofencing does not require GPS tagging, and context-aware authentication may need geolocation but not GPS tagging.
9. What standard allows USB devices like cameras, keyboards and flash drives to be plugged into mobile devices and used as they normally would be? A. OG-USB B. USB-HSM C. USB-OTG D. RCS-USB
C. USB-OTG USB On-the-Go, or USB-OTG, is a standard that allows mobile devices to act as USB hosts, allowing cameras, keyboards, thumb drives, and other USB devices to be used. A USB HSM is a USB hardware security module, and both OGUSB and RCS-USB were made up.
16. Jerome wants to allow guests to use his organization's wireless network, but he does not want to provide a preshared key. What solution can he deploy to gather information such as email addresses or other contact information before allowing users to access his open network? A. WPS capture mode B. Kerberos C. WPA2 D. A captive portal
D. A captive portal Jerome should deploy a captive portal that requires users to provide information before being moved to a network segment that allows Internet access. WPS capture mode was made up for this question, Kerberos is used for enterprise authentication, and WPA2 supports open, enterprise, or PSK modes but does not provide the capability Jerome needs by itself.
2. Fred's company issues devices in a BYOD model. That means that Fred wants to ensure that corporate data and applications are kept separate from personal applications on the devices. What technology is best suited to meet this need? A. Biometrics B. Full-device encryption C. Context-aware authentication D. Containerization
D. Containerization Using a containerization system can allow Fred's users to run corporate applications and to use corporate data in a secure environment that cannot be accessed by other applications outside of the container on the device. Containerization schemes for mobile devices typically use encryption and other isolation techniques to ensure that data and applications do not cross over. Biometrics and context-aware authentication are useful for ensuring that the right user is using a device but don't provide this separation. Full-device encryption helps reduce the risk of theft or loss of a device resulting in a data breach.
4. Which wireless technology is frequently used for door access cards? A. Wi-Fi B. Infrared C. Cellular D. RFID
D. RFID Radio frequency identification (RFID) is commonly used for entry access cards. Wi-Fi, infrared, and cellular are not typically used for this purpose, but NFC may be.
