6.2.9 CyberDefense Pro
You have just discovered that a hacker is trying to penetrate your network using MAC spoofing. Which of the following BEST describes MAC spoofing?
Changing a hacker's network card to match a legitimate address being used on a network.
Which Wi-Fi attack uses a rogue access point configured with the same SSID as the organization's SSID?
Evil twin
An analyst reviews an alert detecting a rogue backend server being deployed behind the company's load balancer. The analyst attempts multiple map scans in hopes of identifying the possible threat but fails to reach the destination. What problem is presented in this instance?
The screened subnet firewall is blocking the scans.
Which of the following BEST describes the purpose of the wireless attack type known as wardriving?
To find information that will help breach a victim's wireless network.
Which set of tools is often used to intercept the four-way handshake?
aircrack-ng
Which of the following are the BEST methods for protecting against rogue devices and identifying rogue devices more easily? (Select two.)
-802.1x network access control -Port-based access control
A company's security team recently discovered an unknown device connected to their network, and they suspect it could be a rogue device. The team wants to conduct scans and sweeps to locate and remove any unauthorized devices on the network. Which of the following are common types of scans or sweeps the team can use to locate rogue devices in the network? (Select two.)
-Active scanning -Passive scanning
A company has recently discovered that its network has become slow and unreliable, with frequent outages and disruptions. An IT staff member suspects that rogue devices on the network could be causing these issues. What are the BEST ways to identify rogue devices on a network? (Select three.)
-Conduct network scans using tools like Nmap to identify active devices on the network. -Install endpoint security software on all devices connected to the network to monitor and control device access. -Use intrusion detection systems (IDS) to monitor network traffic and identify devices that do not belong on the network.
A company's security analyst wants to identify issues such as unauthorized devices and software or misconfigured hosts on the company network. Which of the following are the most commonly used methods for detecting any rogue devices on a network? (Select two.)
-Ping sweeps -Network scans
Which of the following BEST describes a rogue access point attack?
A hacker installing an unauthorized access point within a company.
