Wireless CNO PE

Question 1

What CNE attack places the attacker in the flow of traffic with the ability to view, Modify, or drop frames in real-time?

Answer 1

MitM ATTACK

Question 2

What exploit/attack includes a Rogue Access Point?

Answer 2

Evil Twin

Question 3

This attack type involves and attacker disguising themselves as an application by altering packet headers in an IP address. As a result, users attempting to access a URL connected to the application are sent to the attackers website.

Answer 3

IP Spoofing

Question 4

This is the process of linking attackers MAC address with the IP address of a legitimate user on a Local Area Network using fake ARP messages. As a result, data sent by the user to the host IP address is instead transmitted to the attacker.

Answer 4

ARP SPOOFING

Question 5

This attack involves infiltrating a DNS server and altering a website’s address record. As a result, users attempting to access the site are sent by the altered DNS record to the attackers site. ALSO, this is attack is also referred to as what?

Answer 5

DNS cache poisoning

Question 6

When assigned or searching for a new target, analysts will source as much intel as possible from all available databases and sources. This is called:

Answer 6

Initial Intel Dump

Question 7

This attack affects the stations other than the intended targets, and limits or totally blocks the availability of network resources.

Answer 7

DoS Attack

Question 8

This attack sends spoofed CTS frames or sends repeated RTS frames to an AP forcing the AP to send CTS commands.

Answer 8

CTS Attack

Question 9

This attack causes a client to have to reauthenticate/reassociate with their AP.

Answer 9

Deauthentication attack

Question 10

The intentional use of RF energy to deny or degrade wireless communications.

Answer 10

Jamming

Question 11

The intentional use of RF energy to deny or degrade wireless communications.

Answer 11

Fix

Question 12

How many LOBs (Line of Bearing) are needed to produce an effective fix?

Answer 12

3

Question 13

What is considered much more accurate than a DF, and uses algorithms to produce an MGRS?

Answer 13

Geolocation

Question 14

Jamming is associated with the unintentional degradation of wireless communication efforts.

Answer 14

False

Question 15

When an analyst is provided with a new target, what surveys should the analyst begin with

• 5GHz band and all associated channels
• MAC addresses, IP addresses, SSIDs, encryptions and channels
• 2.4GHz band and all associated channels
• All of the Above

Answer 15

All of the Above

Question 16

What tool is commonly and widely used to perform packet capture?

Answer 16

Wireshark

Question 17

Target nomination will depend on criteria defined for each mission provided by :

Answer 17

The analyst’s unit

Question 18

An attacker can initiate a(n) _______________ to get victims to associate with the new rogue AP.

Answer 18

Deauthentication

Question 19

CNA operations are designed to DENY, DEGRADE, DISRUPT, or __________ a targets ability to transmit data on a network.

Answer 19

DESTROY

Question 20

Active & Passive operations to gain access to target information systems is called :

Answer 20

Conduct CNE

Question 21

What is the final part of the Find/Fix/Finish picture. where POL efforts must be used to ensure time/location?

Answer 21

Kill/Capture

Question 22

What is target collecting as able to maintain target awareness, but no action is taken at this time.

Answer 22

Continue Collection

Question 23

Must be careful when conducting this activity, since disruption, denial, or degradation of target systems and their ability to communicate result in a DoS that will disrupt future collection efforts.

Answer 23

Kill/Capture