Security Administration

Question 1

Involves sending unsolicited messages to Bluetooth devices when they are in range.

Answer 1

bluejacking

Question 2

Attack that involves getting data from a Bluetooth device

Answer 2

Bluesnarfing

Question 3

A rogue wireless access point that mimics the SSID of a legitimate access point

Answer 3

Evil twin

Question 4

Protocol intended to make a wireless network as secure as wired network. However, it was flawed, and it is now recommended you DON’T use it

Answer 4

WEP - Wired Equivalent Privacy

Question 5

Wifi that uses Temporal Key Integrity Protocol (TKIP), which is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.

Answer 5

WPA - Wifi Protected Access

Question 6

Wifi that is based on IEEE 802.11i standard. It provides Advanced Encryption Standard (AES) using the Counter Mode-Cipher Block Chaining (CBC) - Message Authentication Code (MAC) - Protocol (CCMP) that delivers data confidentiality, data origin authenticaiton, and data integrity for wireless frames.

Answer 6

WPA2

Question 7

In this attack, the attacker sends a deauthenticaiton packet to the wireless access point, spoofing the user’s IP address. This causes the access point to think that the user is logging off and to deauthenticate the user.

Answer 7

Disassociation

Question 8

A radio wave transmission that automatically connects when in range.

Answer 8

NFC - Near Field Communication

Question 9

A type of attack that occurs when someone puts up an unauthorized access point.

Answer 9

Rogue access point

Question 10

Rogue Access point that copies the SSID of a legitimate access point.

Answer 10

Evil Twin

Question 11

Acronym for satellite communications

Answer 11

SATCOM

Question 12

Makes the device only function if it is within certain geographical locations.

Answer 12

Geofencing

Question 13

Process intended to be used if the phone is stolen or going to be reassigned to another user

Answer 13

Remote Wipe/Sanitation

Question 14

Process that takes into account the context in which the authentication attempt is being made. Examines the user’s location, time of day, the computer from which they are logging in, what they are trying to do, and so on.

Answer 14

Context-Aware Authentication

Question 15

Process to screen lock the screen with a password after a short period of inactivity.

Answer 15

Screen Lock

Question 16

Refers to employees bringing their personal devices into the corporate network environment.

Answer 16

BYOD - Bring Your Own Device

Question 17

With this approach, the company creates a list of approved devices that meet the company’s minimum security standards. Employees then can select from among this list of preapproved devices.

Answer 17

CYOD - Chose Your Own Device

Question 18

With this approach, the company has complete control of the devices, and thus it can ensure a higher level of security.

Answer 18

COPE - Company Owned and Provided Equipment

Question 19

Used to provide a desktop to users on any machines they wish. The desktop itself is actually virtualized, and contains all of the user’s applications. This can also be used by mobile devices.

Answer 19

VDI - Virtual Desktop Infraestructure