for performing a bluebugging attack, which of the following is the best choice?

A Blooover

explanation

Blooover is intended to be used for bluebugging. Blackberry utilities include BBProxy and PhoneSnoop, while btCrawler is a discovery tool.

Explore more Cehv10 questions

Take more free practice tests for other PASSEMALL topics with our ceh exam now!

Comments

Leave a Reply Cancel reply

Which of the following tools is the best option for rooting the device if you wish to gain administrative privileges over your Android device?

SuperOneClick

SuperOneClick is a rooting tool for Android. The rest are jailbroken iOS options.

Providing for integrity in WPA2 is which of the following?

CCMP

For integrity, the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (say that three times fast) utilizes Message Integrity Codes (MICs).

For encryption, RC4 is used by which wireless technology?

WEP

WEP utilizes RC4, which is one of the reasons it is readily hacked and is not regarded as a secure choice.

Which of the following methods is the best way to crack the network key if a WPA2 wireless network is discovered during a pen test?

Capture the WPA2 authentication traffic and crack the key.

WPA2 is a strong encryption method, but with enough time, practically everything can be hacked. Capturing the password pairwise master key (PMK) during the handshake is the only method to achieve it, and even then it's very difficult if the password is complex.

In order to attempt to crack a WEP AP, what information is required? Select two options.

Network SSID

MAC address of the AP

For attempting a WEP crack, the MAC address of the AP and the SSID are required.

Temporal keys is made use of by which wireless encryption technology?

WPA

WPA utilizes temporal keys, giving it a far more secure encryption option than WEP.

Which of the following explains why the APs are still vulnerable in the case
You and your customer are talking about wireless security. He claims that his network is secure because he has installed MAC filtering on all access points, allowing only MAC addresses from clients he has manually configured in each list. As you point out, this procedure will not prevent a determined attacker from joining his network.

An attacker could sniff an existing MAC address and spoof it.

MAC filtering can readily be circumvented by sniffing the network for a valid MAC and then spoofing it using any of the available alternatives.

In WPA, which secures against man-in-the-middle attacks?

MIC

In WPA, MIC provides integrity checking, ensuring that frames are real and have not been tampered with. It does this in part by using a sequence number—if any come out of order, the entire session is dropped.

Which jailbreaking methods will keep the phone jailbroken even after it is rebooted?

Untethered

The device remains jailbroken indefinitely, with or without connection to another device if untethered jailbreaking is being used.

Which of the following is a true statement regarding his attempt at security in the situation that you are discussing wireless security with your client who tells you he feels safe with his network because he has turned off SSID broadcasting?

Unauthorized users will still be able to connect because the SSID is still sent in all packets, and a sniffer can easily discern the string.

Turning off an SSID's broadcast is a smart first step, but SSIDs have no security implications. The SSID is included in every packet, whether broadcast from the AP or not.

The true statement is which of the following?

SSIDs are important for identifying networks but do little to nothing for security.

An SSID serves no use other than to identify the network. It is not intended to be a security measure.

Choose the action that will provide some protections against the risk security when some operations promote the use of mobile devices in the enterprise and security disagrees. Given that multiple risks are associated adding mobile devices to the network.

Implement MDM.

Mobile Device Management will not eliminate all of the risks associated with the ongoing use of mobile devices on your network, but it will help.