Module 5 chapter 11

Ace your homework & exams now with Quizwiz!

The 802.11 is a set of specifications for OSI layer ______.

1 and 2

WEP uses one of two key sizes, _____ or ______, for the RC4 encryption algorithm.

40, 104

Enterprise authentication uses _______ to handle user-level authentication. Group of answer choices

802.1x

What would a signal range for a Bluetooth device commonly be? A. 300 ft. B. 3,000 ft. C. 75 ft. D. 500 ft.

A. 300 ft.

What is the policy that allows people to use their own smartphones on the enterprise network? A. Bring your own device B. Use your own device C. Bring your own smart device D. Use your own smart device

A. Bring your own device

Why is bluesnarfing potentially more dangerous than bluejacking from the standpoint of the victim? A. Bluejacking sends while bluesnarfing receives. B. Bluejacking receives while bluesnarfing sends. C. Bluejacking installs keyloggers. D. Bluesnarfing installs keyloggers

B. Bluejacking receives while bluesnarfing sends. Info: Bluesnarfing is an attack that connects to a Bluetooth device in order to grab data from that device. Bluesnarfing sends data to the attacker. Bluejacking can be used to send information to a Bluetooth device, such as a text message. Neither of these attacks install keyloggers.

What is the four-stage handshake used for? A. Passing keys B. Deriving keys C. Encrypting messages D. Initialization seeding

B. Deriving keys Info: The four-stage handshake is used to authenticate stations against wireless networks. As part of the handshake, encryption keys are generated. Keys are derived on both sides of the transaction rather than being exchanged directly. This is handled during the four-way handshake. Keys are not passed. Messages can't be encrypted until the four-way handshake is complete and the keys are generated. There is no such thing as initialization seeding.

What is the purpose of a deauthentication attack? A. Disabling stations B. Forcing stations to reauthenticate C. Reducing the number of steps in the handshake D. Downgrading encryption

B. Forcing stations to reauthenticate

How many stages are used in the WPA handshake? A. Two B. Four C. Three D. One

B. Four

What mode has to be enabled on a network interface to allow all headers in wireless traffic to be captured? A. Promiscuous B. Monitor C. Radio D. Wireless LAN

B. Monitor

What types of authentication are allowed in a WPA-encrypted network? A. Handshake and personal B. Personal and enterprise C. Enterprise and handshake D. 802.11 and personal

B. Personal and enterprise Info: WPA supports both Personal and Enterprise authentication. Personal authentication makes use of a pre-shared key, while Enterprise authentication uses usernames and passwords to authenticate specific users, providing accounting and access control, meaning we know exactly who has connected to the network.

How does an evil twin attack work? A. Phishing users for credentials B. Spoofing an SSID C. Changing an SSID D. Injecting four-way handshakes

B. Spoofing an SSID

What is the SSID used for? A. Encrypting messages B. Providing a MAC address C. Identifying a network D. Seeding a key

C. Identifying a network

What is the purpose of performing a Bluetooth scan? A. Identifying open ports B. Identifying available profiles C. Identifying endpoints D. Identifying vendors

C. Identifying endpoints

What part of the encryption process was weak in WEP? A. Keying B. Diffie-Hellman C. Initialization vector D. Seeding vector

C. Initialization vector

What wireless attack would you use to take a known piece of information in order to be able to decrypt wireless traffic? A. Sniffing B. Deauthentication C. Key reinstallation D. Evil twin

C. Key reinstallation Info: Sniffing can be used to collect information that may be needed to launch wireless attacks. A deauthentication attack can be used to force a station to generate traffic. An evil twin attack uses a rogue access point to pretend to be a legitimate network. In order to decrypt network traffic, you would need the key. One way to get the key is to reuse information from network traffic that generated a known key. This is a key reinstallation attack.

What method might you use to successfully get malware onto a mobile device? A. Using the Apple Store or Google Play store B. Using external storage on an Android C. Using a third-party app store D. Jailbreaking

C. Using a third-party app store

What tool would allow you to run an evil twin attack? A. Wireshark B. Ettercap C. Wifiphisher D. Aircrack-ng

C. Wifiphisher Info: Wireshark is used to capture packets/frames from a network. Ettercap is used for spoofing attacks. The program aircrack-ng can be used to crack wireless keys. Wifiphisher, though, can be used to set up an evil twin attack.

How does WEP verify the integrity of a message?

Cyclical Redundancy Check (CRC)

What tool could you use to enable sniffing on your wireless network to acquire all headers? A. Ettercap B. Tcpdump C. Aircrack-ng D. Airmon-ng

D. Airmon-ng Info: Tcpdump can be used to capture frames/packets. Ettercap is used for captures and spoofing attacks. Neither can capture all headers, including radio headers in a wireless network. The package aircrack-ng includes the program airmon-ng, which can turn on monitor mode on a network interface. The program aircrack-ng itself cannot do that.

What are the two types of wireless networks? A. Star and ring B. Bus and hybrid C. Infrastructure and hybrid D. Infrastructure and ad hoc

D. Infrastructure and ad hoc

What wouldn't you see when you capture wireless traffic that includes radio headers? A. Capabilities B. Probe requests C. SSIDs D. Network type

D. Network type Info: Radio headers in a wireless network will provide you with the capabilities of the devices, since that's negotiated during the association process. You will also see probe requests asking what networks are in the area, including specific networks that a station knows about. These requests will include the SSID. The responses will also include the SSID. You will not get the network type in the headers

What kind of access point is being used in an evil twin attack? A. Infrastructure B. Ad hoc C. WPA D. Rogue

D. Rogue

A four-way handshake is completed in both WPA and WPA2

False

A wireless device client must first associate to the wireless network before it can attempt to authenticate to the access point.

False

CRC is considered stronger than the MIC.

False

In the United States, there are 13 channels that can be used for Wi-Fi communications in the2.4 GHz band.

False

WPA differed from WEP in that it enabled session keys where WEP did not.

False

WPA-Personal is less secure than WPA-Enterprise and is primarily used because consumer-home devices aren't typically equipped to support the more stringent encryption algorithms.

False

NAC is often implemented around white-listing or authenticating devices using a:

MAC

The implementation of this technology enabled binding channels (data streams) to reach speeds of 600 Mbps.

MIMO

An ephemeral, random value, often used in cryptographic schemes is often referred to as a: Group of answer choices

Nonce

WPA introduced this to fix WEP's problem with an attack against weak initialization vectors.

TKIP

The first version of 802.11 specified transmissions with data rates _________.

between 1 and 2 Mbps

An infrastructure network has a central device that all devices communicate with, but also allows devices to directly communicate with one another without having to go through the central device.

false

WPS is considered a more secure authentication mechanism over:

none of the above

Access points send out beacon frames and clients send out probe requests. Group of answer choices

true

An ad hoc network can be considered a dynamic mesh network. Group of answer choices

true

Bluesnarfing is considered to create more of an impact thank bluejacking.

true

Configuring your wireless interface to "monitor mode" enables:

your device to see other networks and devices connected to those wireless networks without being connected to any wireless network.


Related study sets

Science of Human Nutrition: Chapter 5, 6, 8, and 9 Post Assessments

View Set

AP Psych Module 76 Group Behavior

View Set

Stereotypes Prejudice Discrimination 

View Set

Precis 4: 1 text + OBS, Precis 4: 1 tema, Precis 4: 3 tema, Precis 4: 3 text + OBS, Precis 4: 2 text +OBS + Bra att veta, Precis 4: 2 tema, Precis 4: text 4, Precis 4: 4 tema, Precis 4: 5 text + OBS + Bra att veta, Precis 4: 5 tema

View Set

Basic Insurance Concepts & Principles

View Set

SMSH-PROJECTS-HALF LIFE II-10/12/23

View Set