Module 8 Questions Flashcards

1
Q

A company hires you as part of its security team. The company is implementing new policies and procedures regarding mobile devices in the network. Which of the following would not be a recommended practice?

A. Create a BYOD policy and ensure all employees are educated about and made aware of it.

B. Whitelist applications and ensure all employees are educated about and made aware of them.

C. Allow jailbroken and rooted devices on the network, as long as employees have signed the policy.

D. Implement MDM.

A

C

2
Q

Which of the following tools would be used in a blackjacking attack?

A. Aircrack

B. BBCrack

C. BBProxy

D. Paros Proxy

A

C. This is another tool-specific question, but one that should be relatively easy. Blackjacking and BBProxy were exposed at Defcon several years ago, so this isn’t anything new in terms of an attack.

3
Q

Which of the following tools is a vulnerability scanner for Android devices?

A. X-ray

B. evasi0n7

C. Pangu

D. DroidSheep Guard

A

A

4
Q

Which type of jailbreaking allows user-level access but does not allow iBoot-level access?

A. iBoot

B. Bootrom

C. userland

D. iRoot

A

C. Userland

5
Q

Jack receives a text message on his phone advising him of a major attack at his bank. The message includes a link to check his accounts. After he clicks the link, an attacker takes control of his accounts in the background. Which of the following attacks is Jack facing?

A. Phishing

B. Smishing

C. Vishing

D. App sandboxing

A

B. Smishing

6
Q

Which of the following allows an Android user to attain privileged control of the device?

A. DroidSheep

B. SuperOneClick

C. Faceniff

D. ZitMo

A

B. SuperOneClick

7
Q

An individual attempts to make a call using his cell phone; however, it seems unresponsive. After a few minutes of effort, he turns it off and turns it on again. During his next phone call, the phone disconnects and becomes unresponsive again. Which Bluetooth attack is underway?

A. Bluesmacking

B. Bluejacking

C. Bluesniffing

D. Bluesnarfing

A

A. From the description, it appears the phone is either defective or—since it’s spelled out so nicely in the question for you—there is a denial-of-service attack against the phone. Bluesmacking is a denial-of-service attack on a Bluetooth device.

8
Q

Which of the following is a pairing mode in Bluetooth that rejects every pairing request?

A. Non-pairing

B. Non-discoverable

C. Promiscuous

D. Bluejack

A

A. Non-pairing

9
Q

An attacker is using Shodan to search for devices on a target. She types the following as the search string: webcam geo:“-85.97,31.81”. Which of the following correctly describes this action?

A. The search string syntax is incorrect.

B. The attacker is searching for webcams with serial numbers starting between 3181 and 8597.

C. The attacker is searching for webcam manufacturers starting with “geo.”

D. The attacker is searching for webcams in the geographic location -31.80, 85.95 (longitude and latitude).

A

D. While Google and other search engines index the web, Shodan (https://www.shodan.io) indexes everything connected to the Internet.

10
Q

Which of the following is the most popular short-range communication technology for IoT devices?

A. RFID

B. Zigbee

C. QR codes

D. LiFi

A

B. IoT devices make use of many wireless communications technologies, and some of them have fairly weird names. Zigbee

11
Q

Within IoT architecture, which of the following carries out message routing and identification?

A. Edge Technology layer

B. Access Gateway layer

C. Internet layer

D. Middleware layer

A

B. IoT architecture, laid out by EC-Council, includes the Edge Technology, Access Gateway, Internet, Middleware, and Application layers.

12
Q

A homeowner accesses an app on his cell phone to set up a view list on his television. Which IoT communication model is in play here?

A. Device-to-Gateway

B. Back-End Data-Sharing

C. Device-to-Cloud

D. Device-to-Device

A

A. IoT communication models seem pretty straightforward, but there are some weird one-off comparisons here and there. In this case, the smartphone—more appropriately, the app on the smartphone used by the owner—acts as the gateway and the TV is the device.

13
Q

In this attack on VANET, vehicles appear to be in multiple places at once, causing congestion and severely impairing the use of data. Which of the following best describes this attack?

A. Rolling code

B. BlueBorne

C. Side channel

D. Sybil

A

D. As with every other area in computing, IoT has loads of attacks and vulnerabilities to talk about. In this particular example, called the Sybil Attack, a thing (the vehicle or device) creates the illusion of another identity (in this example, being in more than one place at a time), causing congestion and the associated insanity that goes along with it.

14
Q

Of the tools listed, which is the best choice for quickly discovering IP addresses of IoT devices on your network?

A. IoTInspector

B. MultiPing

C. Z-Wave Sniffer

D. beSTORM

A

B. Many of the tools you already know about will work just as well in IoT land, and MultiPing (https://www.multiping.com/) is a good example. MultiPing has been around for a while and is a quick-and-dirty way to discover systems hanging out on your network.

15
Q

In October of 2016, a DDoS attack involving millions of IoT devices caused a disruption of service to large numbers of users in North America and Europe. Which of the following malware was used in the attack?

A. WannaCry

B. Cryptolocker

C. Locky

D. Mirai

A

D. It’s hard to believe something as simple as a baby monitor can be leveraged as an attack platform, but in the fall of 2016 that’s exactly what happened. The Mirai malware, created to deliberately find IoT devices to infect, created a botnet of immense proportions.

16
Q

Which of the following are valid countermeasures in the prevention of IoT hacking? (Choose all that apply.)

A. Disable guest and demo accounts.

B. Enable lockout features for excessive login attempts.

C. Disable telnet.

D. Implement patch management and ensure device firmware is up to date.

A

A, B, C, D

17
Q

Within the Attify Zigbee Framework, which of the following is used to discover target devices within range?

A. zbstumbler

B. zbdump

C. zbreplay

D. zbassoc/flood

A

A. Let’s play a little Q&A game, shall we? I’ll introduce you to a collection of tools, presented by Attify in its Zigbee Framework

18
Q

Which of the following is an advanced hardware- and software-designed radio used for security testing in IoT?

A. Fluke

B. Raspberry Pi

C. HackRF One

D. Alfa AWUS036NH

A

C. There are few certainties in life—the rising and setting of the sun every day, lovebugs making life miserable for a couple months each year in the South, and ever-increasing taxes on everything from income to gas. One you can add to your list is HackRF One being on your CEH exam.