Wireless CNO PE Flashcards
What CNE attack places the attacker in the flow of traffic with the ability to view, Modify, or drop frames in real-time?
MitM ATTACK
What exploit/attack includes a Rogue Access Point?
Evil Twin
This attack type involves and attacker disguising themselves as an application by altering packet headers in an IP address. As a result, users attempting to access a URL connected to the application are sent to the attackers website.
IP Spoofing
This is the process of linking attackers MAC address with the IP address of a legitimate user on a Local Area Network using fake ARP messages. As a result, data sent by the user to the host IP address is instead transmitted to the attacker.
ARP SPOOFING
This attack involves infiltrating a DNS server and altering a website’s address record. As a result, users attempting to access the site are sent by the altered DNS record to the attackers site. ALSO, this is attack is also referred to as what?
DNS cache poisoning
When assigned or searching for a new target, analysts will source as much intel as possible from all available databases and sources. This is called:
Initial Intel Dump
This attack affects the stations other than the intended targets, and limits or totally blocks the availability of network resources.
DoS Attack
This attack sends spoofed CTS frames or sends repeated RTS frames to an AP forcing the AP to send CTS commands.
CTS Attack
This attack causes a client to have to reauthenticate/reassociate with their AP.
Deauthentication attack
The intentional use of RF energy to deny or degrade wireless communications.
Jamming
The intentional use of RF energy to deny or degrade wireless communications.
Fix
How many LOBs (Line of Bearing) are needed to produce an effective fix?
3
What is considered much more accurate than a DF, and uses algorithms to produce an MGRS?
Geolocation
Jamming is associated with the unintentional degradation of wireless communication efforts.
False
When an analyst is provided with a new target, what surveys should the analyst begin with
- 5GHz band and all associated channels
- MAC addresses, IP addresses, SSIDs, encryptions and channels
- 2.4GHz band and all associated channels
- All of the Above
All of the Above
What tool is commonly and widely used to perform packet capture?
Wireshark
Target nomination will depend on criteria defined for each mission provided by :
The analyst’s unit
An attacker can initiate a(n) _______________ to get victims to associate with the new rogue AP.
Deauthentication
CNA operations are designed to DENY, DEGRADE, DISRUPT, or __________ a targets ability to transmit data on a network.
DESTROY
Active & Passive operations to gain access to target information systems is called :
Conduct CNE
What is the final part of the Find/Fix/Finish picture. where POL efforts must be used to ensure time/location?
Kill/Capture
What is target collecting as able to maintain target awareness, but no action is taken at this time.
Continue Collection
Must be careful when conducting this activity, since disruption, denial, or degradation of target systems and their ability to communicate result in a DoS that will disrupt future collection efforts.
Kill/Capture
