Passive Exploitation PE Flashcards
True or False: Passive 802.11 Exploitation is the ability to exploit information of already-collected signals WITHOUT transmitting any frames into a wireless network.
True
True or False: A target is always aware when passive exploitation is being conducted.
False
When an intruder is not actively doing anything, just monitoring information to exploit at a later time, this is referred to as what type of passive exploitation?
Keylogging
The settings on a(n) _______ can help the client determine which of three specific kinds of encryption to use or not to use.
AP
The three kinds of 802.11 Encryption are:
WEP, WPA, WPA2
Wired Equivalent Privacy (WEP), also known as the original IEEE 802.11 standard of encryption, was originally ratified in what year?
1997
Wired Equivalent Privacy (WEP) was decommissioned in 2004 and succeeded by what?
WPA
Alongside using the same RC4 stream cipher and CRC-32 checksum, what protocol did WPA use as a solution to WEP shortcomings?
Temporal Key Integrity Protocol (TKIP)
WPA was later succeeded by what?
WPA2
True or False: WPA2 defines two types of security: Passphrase Authentication and 802.1X/EAP security.
True
Passphrase Authentication is for what kinds of networks?
Small office/Home office networks (SOHO)
802.1X/EAP security is for what kinds of networks?
Enterprise Networks
What standard, not protocol, replaced the RC4 cipher used in WEP and the Temporal Key Integrity Protocol (TKIP)?
AES
What tool is used for Wi-Fi hacking and security?
Aircrack-ng
Aircrack is an all-in-one tool that can be used as what?
- Packet Sniffer
- WEP/WPA/WPA2 cracker
- Analyzing and Hash Capturing Tool
- All of the above
All of the Above
What kind of attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys?
Brute Force Attack
True or False: A Brute Force Attack could take less than a minute to crack.
True
What type of Brute Force Attack is one where the attacker makes logical guesses, unassisted by software tools, to crack your authentication system?
Simple Brute Force Attack
Which Brute Force Attack would be one where an attacker may use your birth year as a PIN?
Simple Brute Force Attack
What type of Brute Force Attack is one where the attacker uses a simple approach to test several possible combinations by guessing possible passwords that are beyond the scope of their logic?
Hybrid Brute Force Attack
Which type of attack is one where an attacker isn’t targeting a specific user, but instead is using a leaked password and testing it against multiple user IDs?
Reverse Brute Force Attack
True or False: A Dictionary Attack requires an attacker to use ordinary words (as they are in the dictionary) paired with a typical sequence of numbers or special characters in order to crack the password.
True
What type of attack allows attackers to eavesdrop on the communication between two targets?
MITM
True or False: PSK is a key shared between two clients in order to use a “secure” channel.
True
What is the first main step in a successful WPA passive attack?
Using a wireless sniffer or protocol analyzer
What was the main attack against the CRC32 checksum?
Chop-Chop
When an attacker truncates the last byte of the encrypted packet and guesses the value, what is the average amount of guesses it takes to guess the right value?
128
True or False: WPA2-PSK (Pre-Shared Key) is the most secure form of encryption used on personal wireless networks.
True
True or False: The main vulnerability on WPA2 was called KRACK – Key Reinstallation Attack.
True
True or False: During a KRACK, the attack is against a 4-way handshake, and does not exploit access points themselves, but instead targets users.
True