CIT 270 Module 11
Which of the following attacks is considered easy, allowing threat actors to access user data and read through passwords and PINs, and why is it considered so?
A WLAN consumer attack, because many users fail to properly configure security on their home WLANs.
Suzanne is a cybersecurity expert. She was approached by Alex with a complaint that his payment information has leaked even though he has not made any online payments or shared information with anyone. Suzanne concluded that attackers most likely bumped a portable reader against Alex's smartphone to make an NFC connection and steal the payment information stored on the phone. What should Suzanne suggest to Alex to prevent this type of attack from happening in the future?
Alex should always turn the NFC off while he's in a crowded area.
Suzanne is a cybersecurity expert. She was approached by Alex with a complaint that his payment information has leaked even though he has not made any online payments or shared information with anyone. Suzanne concluded that attackers most likely bumped a portable reader against Alex's smartphone to make an NFC connection and steal the payment information stored on the phone. What should Suzanne suggest to Alex to prevent this type of attack from happening in the future?
Alex should configure his device pairing so one device can only send and the other can only receive.
Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?
Alliance IBSS
Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?
Bluesnarfing
Shawn is approached by a medical staff team with a request to research and introduce a type of device that will help them record and transmit specific patient details. Which technology would help the team measure and monitor blood pressure and then send those patient details from the smartphone to a phone as a message in case of emergencies?
Bluetooth
Which of these is the encryption protocol for WPA2?
CCMP
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?
Captive portal
Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?
Controller AP
Which of these is NOT a type of wireless AP probe?
Dedicated probe
Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?
EAP-FAST
In which type of RFID attack can unauthorized users listen to communications between RFID tags and readers?
Eavesdropping
What is the difference between protecting against eavesdropping and protecting against a man-in-the-middle (MITM) attack?
Eavesdropping can be prevented by being aware of one's surroundings while using NFC technology, while MITM attack can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time.
Which type of wireless attack is designed to capture wireless transmissions coming from legitimate users?
Evil Twin
Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?
Evil twin
Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?
IEEE 802.11iw separate
Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?
IV (Initialization Vector)
Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?
It allows an attacker to bypass network security configurations
Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?
It is a framework for transporting authentication protocols
Which protocol should John select to prevent unwanted network access and be configured to permit traffic only from specific addresses and provide security?
MAC
Which of these is a vulnerability of MAC address filtering in a WLAN?
MAC addresses are initially exchanged unencrypted.
What is a difference between NFC and RFID?
NFC is based on wireless technology while RFID is not
Which wireless technology will John use to provide wide-range cellular service that focuses on indoor coverage, low cost, long battery life, high connection density, and has a low-power wide-area network?
Narrowband IoT
Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate?
Near field communication (NFC)
Which of these does not require authentication?
Open method
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
PIN method
Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?
RFID spectrum
Which WPA3 security feature is designed to increase security at the time of the handshake?
SAE (Simultaneous Authentication of equals)
Zain, a telecom engineer, plans to relocate a particular AP antenna to a new location. Which of the following configuration options will he use to adjust frequency bands, optimum channels, and available spectrum for data transfer?
Spectrum selection
Melvin is moving his small business from his basement to an office building now that he has five full-time employees. What type of enterprise AP should he choose when setting up the new office's WLAN?
Standalone AP
Why are jamming attacks generally rare?
They require expensive, sophisticated equipment
Which site survey tool is used to visually represent wireless network details such as channel bandwidth, channel coverage, data rate, and interference, among others?
Wi-Fi analyzers
Bob has been asked to do research into increasing the accuracy in identifying rogue APs in his enterprise. Which rogue AP system detection probe will allow his company's IT department to monitor the airwaves for traffic, scan and record wireless signals within its range (even when the device is idle or not receiving any transmission), and then report this information to a centralized database?
Wireless device probe
Which wireless probe is designed to scan and record wireless signals within its range at regular intervals and report the information to a centralized database?
Wireless device probe
Which of these is NOT a risk when a home wireless router is not securely configured?
Wireless endpoints must be manually approved to connect to the WLAN
