MOD 5: Passive 802 Exploitation - PE Flashcards
[TRUE / FALSE]
Passive 802.11 Exploitation is the ability to exploit information of already-collected signals WITHOUT transmitting any frames into a wireless network.
TRUE
A target is always aware when passive exploitation is being conducted.
FALSE
When an intruder is not actively doing anything, just monitoring information to exploit at a later time, this is referred to as what type of passive exploitation?
- Targeting
- Keylogging
- Backlogging
- Re-logging
Keylogging
The settings on a(n) _______ can help the client determine which of three specific kinds of encryption to use or not to use.
- Device
- Router
- AP
- None of These
Access Point (AP)
The three kinds of 802.11 Encryption are:
- WEP, WPA1, WPA3
- WEP, WPA, WPA2
- WPA1, WPA2, WPA3
- WEP, WEP2, WPA
WEP, WPA, WPA2
Wired Equivalent Privacy (WEP), also known as the original IEEE 802.11 standard of encryption, was originally ratified in what year?
- 1992
- 1994
- 1995
- 1997
1997
Wired Equivalent Privacy (WEP) was decommissioned in 2004 and succeeded by what?
- WEP 2.0
- WEBV2
- WPA2
- WPA
WPA
Alongside using the same RC4 stream cipher and CRC-32 checksum, what protocol did WPA use as a solution to WEP shortcomings?
- Temporal Key Integrity Protocol (TKIP)
- Temporal Load Key Protocol (TLKP)
- Temporary Keyed Initial Protocol (TKIP)
- None of the above. WEP didn’t have any shortcomings.
Temporal Key Integrity Protocol (TKIP)
WPA was later succeeded by what?
- WPA 1.1
- WPA 3
- WPA2
- WEP2
WPA2
[True / False]
WPA2 defines two types of security: Passphrase Authentication and 802.1X/EAP security.
True
Passphrase Authentication is for what kinds of networks?
- Enterprise Networks
- Small office/Home office networks (SOHO)
- Recreational office/Home office networks (ROHO)
- Commercial Networks
Small office/Home office networks (SOHO)
802.1X/EAP security is for what kinds of networks?
- Commercial Networks
- Enterprise Networks
- Small office/Home office networks (SOHO)
- None of the above
Enterprise Networks
What standard, not protocol, replaced the RC4 cipher used in WEP and the Temporal Key Integrity Protocol (TKIP)?
- Advanced Encryption Standard (AES)
- Advanced Clear Text Standard (ACTS)
- Advanced Key Standard (AKS)
- Advanced Cipher Standard (ACS)
Advanced Encryption Standard (AES)
What tool is used for Wi-Fi hacking and security?
- Aircrack
- CCMP
- Counter-mode
- AES
Aircrack
Aircrack is an all-in-one tool that can be used as what?
- Packet Sniffer
- WEP/WPA/WPA2 cracker
- Analyzing and Hash Capturing Tool
- All of the above
All of the above
What kind of attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys?
- Brute Force Attack
- Dictionary Attack
- Man-In-The-Middle Attack
- None of the above
Brute Force Attack
[True / False]
A Brute Force Attack could take less than a minute to crack.
TRUE
In what type of Brute Force Attack does the attacker make logical guesses, unassisted by software tools, to crack your authentication system?
- Reverse Brute Force Attack
- Hybrid Brute Force Attack
- Simple Brute Force Attack
- Strong Brute Force Attack
Simple Brute Force Attack
In which Brute Force Attack might an attacker use your birth year as a PIN?
- Reverse Brute Force Attack
- Simple Brute Force Attack
- Hybrid Brute Force Attack
- Strong Brute Force Attack
Simple Brute Force Attack
In what type of Brute Force Attack does the attacker use a simple approach to try and test several possible combinations by guessing possible passwords that are beyond the scope of their logic?
- Reverse Brute Force Attack
- Simple Brute Force Attack
- Hybrid Brute Force Attack
- Strong Brute Force Attack
Hybrid Brute Force Attack
Which type of attack is used where an attacker isn’t targeting a specific user, but instead is using a leaked password and testing it against multiple user IDs?
- Reverse Brute Force Attack
- Simple Brute Force Attack
- Hybrid Brute Force Attack
- Strong Brute Force Attack
Reverse Brute Force Attack
[True / False]
A Dictionary Attack requires an attacker to use ordinary words (as they are in the dictionary) paired with a typical sequence of numbers or special characters in order to crack the password.
TRUE
What type of attack allows attackers to eavesdrop on the communication between two targets?
- Soldier-In-The-Middle
- Man-In-The-Middle
- Hacker-In-The-Middle
- Attacker-In-The-Middle
Man-In-The-Middle
[True / False]
PSK is a key shared between two clients in order to use a “secure” channel.
True
What is the first main step in a successful WPA passive attack?
- Using a wireless sniffer or protocol analyzer
- Waiting for a wireless client to authenticate through a four-way handshake
- Use a Brute Force Attack
- None of the above
Waiting for a wireless client to authenticate through a four-way handshake
What was the main attack against TKIP?
- Hand-Hand
- Run-Run
- Chop-Chop
- Brute Force
Chop-Chop
When an attacker truncates the last byte of the encrypted packet and guesses the value, what is the average number of guesses it takes to guess the right value?
- 224
- 100
- 128
- 32
128
[True / False]
WPA2-PSK (Pre-Shared Key) is the most secure form of encryption used on personal wireless networks.
True
[True / False]
The main vulnerability on WPA2 was called KRACK – Key Reinstallation Attack.
True
[True / False]
During a KRACK, the attack is against a 4-way handshake, and does not exploit access points themselves, but instead targets users.
True