Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ethical hacking > Mobile Attacks and Countermeasures > Flashcards

Mobile Attacks and Countermeasures Flashcards

1
Q

Which of the following mobile risks can be raised from failure to identify the user, failure to maintain the user’s identity, or weaknesses in session management?

A

Insecure Authentication: This category captures notions of authenticating the end user or bad session management such as failing to identify the user when it is required, failure to maintain the user’s identity when it is required, weaknesses in session management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Identify the network-based attack in which the attacker eavesdrops on existing network connections to intrude, read, and modify the data or insert fraudulent data into the intercepted communication.

A

Man-in-the-Middle (MITM): Attackers eavesdrop on existing network connections between two systems, intrude into these connections, and then read or modify the data or insert fraudulent data into the intercepted communication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following protocols allows mobile users to exchange communication through another cellular network while roaming?

A

SS7 An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following types of attack involves replacing legitimate apps in a mobile device with malicious apps designed by a hacker and producing a large volume of advertisements on the target device to attain financial benefits?

A

Agent smith attack: mobile malware that generates financial gain by replacing legitimate applications on devices with malicious versions that include fraudulent ads

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Jack, a network administrator in an organization, was assigned to identify the risks associated with the organization’s confidential information by implementing a BYOD policy. Jack thoroughly examined and identified a potential exposure of all the corporate data.

Which of the following BYOD security risks is identified by Jack in the above scenario?

A

Data leakage and endpoint security issues: In this cloud-computing era, mobile devices are insecure endpoints with cloud connectivity. By synchronizing with organizational email or other apps, these mobile devices carry confidential information. If the device is lost, it could potentially expose all the corporate data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An organization has implemented BYOD policy that allows employees to bring their personal devices for business operations. One day, during lunchtime, Joseph, an employee, transferred project details to his colleague using freely available Wi-Fi. An attacker connected to the same Wi-Fi network sniffed the communication and gained access to the shared data.

Which of the following BYOD risk was demonstrated in the above scenario?

A

Sharing confidential data on unsecured networks: Employees might access corporate data via a public network. These connections may not be encrypted; sharing confidential data via an unsecured network may lead to data leakage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following guidelines helps users identify and protect sensitive data on their mobile devices?

A

Apply validation of the security of API calls to the sensitive data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following techniques allows attackers to attain privileged control within Android’s subsystem, resulting in the exposure of sensitive data?

A

Rooting: Rooting allows Android users to attain privileged control (known as “root access”) within Android’s subsystem. Like jailbreaking, rooting can result in the exposure of sensitive data stored in the mobile device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following vulnerabilities leads to erratic program behavior, including memory access errors and incorrect results, and causes mobile devices to crash?

A

Buffer Overflow: Buffer overflow is an abnormality whereby a program, while writing data to a buffer, surfeits the intended limit and overwrites the adjacent memory. This results in erratic program behavior, including memory access errors, incorrect results, and mobile device crashes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following vulnerabilities leads to erratic program behavior, including memory access errors and incorrect results, and causes mobile devices to crash?

A

Buffer Overflow: Buffer overflow is an abnormality whereby a program, while writing data to a buffer, surfeits the intended limit and overwrites the adjacent memory. This results in erratic program behavior, including memory access errors, incorrect results, and mobile device crashes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following guidelines must be followed to protect a mobile device from malicious attackers?

A

Maintain configuration control and management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

ethical hacking (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions