CompTIA Security+ Question L-6

Peter, an employee is taking a taxi through a busy city and starts to receive unsolicited files sent to his Smartphone. Which of the following is this an example of?

A. Vishing
B. Bluejacking
C. War Driving
D. SPIM
E. Bluesnarfing

Answer: B

Explanation:
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

CompTIA Security+ Question I-25

The practice of marking open wireless access points is called which of the following?

A. War dialing
B. War chalking
C. War driving
D. Evil twin

Answer: B

Explanation:
War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot.

CompTIA Security+ Question G-55

Which of the following is a penetration testing method?

A. Searching the WHOIS database for administrator contact information
B. Running a port scanner against the target’s network
C. War driving from a target’s parking lot to footprint the wireless network
D. Calling the target’s helpdesk, requesting a password reset

Answer: D

Explanation:
A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users’ adherence to security policies. Penetration testing evaluates an organization’s ability to protect its networks, applications,

endpoints and users from external or internal attempts to circumvent its security controls to gain unauthorized or privileged access to protected assets. Test results validate the risk posed by specific security vulnerabilities or flawed processes, enabling IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access to critical systems and valuable information. Penetration tests are not always technically clever attempts to access a network. By calling the target’s helpdesk and requesting a password reset, if they reset the password without requiring proof that you are authorized to request a password change, you can easily gain access to the network.

CompTIA Security+ Question F-62

After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?

A. IV attack
B. War dialing
C. Rogue access points
D. War chalking

Answer: D

Explanation:
War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot.

CompTIA Security+ Question E-83

Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?

A. IV attack
B. Evil twin
C. War driving
D. Rogue access point

Answer: B

Explanation:
An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique. For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears

as their legitimate hotspot with the same name. In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits.

CompTIA Security+ Question D-76

A user commuting to work via public transport received an offensive image on their smart phone from another commuter. Which of the following attacks MOST likely took place?

A. War chalking
B. Bluejacking
C. War driving
D. Bluesnarfing

Answer: B

Explanation:
The question states that the ‘attack’ took place on public transport and was received on a smartphone. Therefore, it is most likely that the image was sent using Bluetooth. Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

CompTIA Security+ Question C-80

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?

A. War dialing
B. War chalking
C. War driving
D. Bluesnarfing

Answer: A

Explanation:
War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers – malicious hackers who specialize in computer security – for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company’s telephone network.

CompTIA Security+ Question C-32

Which of the following would MOST likely involve GPS?

A. Wardriving
B. Protocol analyzer
C. Replay attack
D. WPS attack

Answer: A

Explanation:
War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car. A GPS (Global Positioning System) system can be used to accurately map your location while detecting the wireless networks.

CompTIA Security+ Question B-71

Matt, an administrator, is concerned about the wireless network being discovered by war driving.
Which of the following can be done to mitigate this?

A. Enforce a policy for all users to authentic through a biometric device.
B. Disable all SSID broadcasting.
C. Ensure all access points are running the latest firmware.
D. Move all access points into public access areas.

Answer: B

Explanation:
B: War driving is the act of using a detection tool to look for wireless networking signals. The setting making a wireless network closed (or at least hidden) is the disabling of service set identifier (SSID) broadcasting. Thus by disabling all SSID broadcasting you can mitigate the risk of war driving.

CompTIA Security+ Question B-20

Several bins are located throughout a building for secure disposal of sensitive information.
Which of the following does this prevent?

A. Dumpster diving
B. War driving
C. Tailgating
D. War chalking

Answer: A

Explanation:
The bins in this question will be secure bins designed to prevent someone accessing the ‘rubbish’ to learn sensitive information. Dumpster diving is looking for treasure in someone else’s trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn’t limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash.