Wireless Attacks

Question 1

Wireless Attack:

Capturing traffic between an endpoint and a wireless access point.

Answer 1

Replay Attack

Question 2

Wireless Attack:

The randomization element at the beginning of a connection and is targeted for repeatability.

Answer 2

Initialization Vector (IV)

Question 3

Wireless Attack:

Attackers set up own access point and make it appear like it is a legitimate access point.

Answer 3

Evil Twin
– AND –
Rogue

Question 4

Wireless Attack:

Evil Twin
– AND –
Rogue

Allow attackers act as

Answer 4

Man in the Middle

MITM

Question 5

Wireless Attack:

uses 8-digit PIN for authentication and is highly susceptable to brute force attack that an attacker can glean the passphrase from.

Answer 5

Wi-fi Protected Setup (WPS)

Question 6

Wireless Attack:

Sending unauthorized messages through Bluetooth.

Answer 6

Bluejacking

Question 7

Wireless Attack:

Attacker connects to victims device via Bluetooth and then copies their information.

Answer 7

Bluesnarfing

Question 8

Wireless Attack:

Used for security of most buildings and users given access near card reader to gain entrance to a facility.

Answer 8

Radio Frequency Identification (RFID)

Question 9

Wireless Attack:

Attackers target denial or copying of

Answer 9

RFID

Question 10

Wireless Attack:

Wireless technologies used for short-range communication with mobile devices that allows mobile phone to pay for stuff and access banking information.

Answer 10

Near-field Communication (NFC)

Question 11

Wireless Attack:

Kicks devices off of wireless network and banks on reconnect - used to sniff connections to steal passwords.

Answer 11

Disassociation

Question 12

Cryptographic Attack:

Assumption that there will be a shared password between at least two people in a group.

Answer 12

Birthday Attack

Question 13

Cryptographic Attack:

If a user was able to glean some ciphertext it could potentially be reverse engineered.

Answer 13

Known Plaintext/Ciphertext.

Question 14

Password Attack:

Generally speaking the choice of passwords matters and this can be exploited.

Answer 14

Poor password choices

Question 15

Password Attack:

Attack based on the hash of a password

Answer 15

Rainbow Table

Question 16

Password Attack:

The best defence against a Rainbow Table attack is to

Answer 16

Salt the hash

Question 17

Password Attack:

Attack attempts to “guess” passwords

Answer 17

Dictionary Attack

Question 18

Password Attack:

Tries to guess every possible combination and the length of time of the attack correlates to the length of the password.

Answer 18

Brute Force

Question 19

Password Attack: Brute Force

Authenication in this brute force attack is against the system.

Answer 19

Online

Question 20

To prevent an online brute force attack

Answer 20

Lock the account after a few failed attempts or monitor the network.

Question 21

Password Attack: Brute Force

If an attacker has the password then the attacker can continue to crack it on their own maching

Answer 21

Offline

Question 22

To prevent Offline brute force attacks

Answer 22

Secure the password file

Question 23

Password Attack:

This occurs when different inputs yield the same output of a hash function - chaning content with identical hashes would allow access.

Answer 23

Collision

Question 24

Password Attack:

When supporting backwards compatibility TLS/SSL connections can be downgraded to support lower quality security options.

Answer 24

Downgrade