INT 244 UNIT 06 MCQs

WiFi, Bluetooth, Mobile Devices, Cloud Services & Implementing SOC and SIEM solutions

INT 244  UNIT 06 MCQs

Hacking Wi-Fi and Bluetooth.

1. WEP is designed to offer security comparable to which of the following?

A. Bluetooth

B. Wired networks ✔️

C. IrDA

D. IPv6

2. Which of the following operates at 5 GHz?

A. 802.11a ✔️

B. 802.11b

C. 802.11g

D. 802.11i

3. Which of the following specifies security standards for wireless?

A. 802.11a 

B. 802.11b

C. 802.11g

D. 802.11i ✔️

4. Which of the following options shows the protocols in order from strongest to

weakest?

A. WPA, WEP, WPA2, Open

B. WEP, WPA2, WPA, Open

C. Open, WPA, WPA2, WEP

D. WPA2, WPA, WEP, Open ✔️

5. Which of the following is designed to locate wireless access points?

A. Site survey ✔️

B. Traffic analysis

C. Pattern recognition

D. Cracking

6. What is a client-to-client wireless connection called?

A. Infrastructure

B. Client-server

C. Peer-to-peer

D. Ad hoc ✔️

7. When a wireless client is attached to an access point, it is known as which of the

following?

A. Infrastructure ✔️

B. Client-server

C. Peer-to-peer

D. Ad hoc

8. Bluesnarfing is used to perform what type of attack?

A. Send spam text messages.

B. Read information from a device. ✔️

C. Deposit malware on a system.

D. Distribute files onto a system.

9. Monitor mode is used by wireless cards to do what?

A. Capture traffic from an associated wireless access point.

B. Capture information from ad hoc networks.

C. Capture information about wireless networks. ✔️

D. Capture traffic from access points. 

10. A honeyspot is designed to do what?

A. Look for patterns of known attacks.

B. Look for deviations from known traffic patterns.

C. Attract victims to connect to it. ✔️

D. Analyze attacks patterns.

11. An SSID is used to do which of the following?

A. Identify a network. ✔️ 

B. Identify clients.

C. Prioritize traffic.

D. Mask a network.

12. AirPcap is used to do which of the following?

A. Assist in the sniffing of wireless traffic. ✔️

B. Allow network traffic to be analyzed.

C. Allow the identification of wireless networks.

D. Attack a victim.

13. What is a rogue access point?

A. An access point not managed by a company ✔️

B. An unmanaged access point

C. A second access point

D. A honeypot device

14. Bluejacking is a means of which of the following?

A. Tracking a device

B. Breaking into a device

C. Sending unsolicited messages ✔️

D. Crashing a device

15. The wardriving process involves which of the following?

A. Locating wireless networks ✔️

B. Breaking into wireless networks

C. Sniffing traffic

D. Performing spectrum analysis

16. Warchalking is used to do which of the following?

A. Discover wireless networks.

B. Hack wireless networks.

C. Make others aware of a wireless network. ✔️

D. Analyze a wireless network.

17. A closed network is typically which of the following?

A. Public network

B. Private network ✔️

C. Hot spot

D. Kiosk location

18. Which feature makes WPA easy to defeat?

A. AES encryption

B. WPS support ✔️

C. TKIP support

D. RC4 support

19. What is a PSK?

A. The password for the network

B. The certificate for the network

C. A key entered into each client ✔️

D. A distributed password for each user

20. Which of the following is a device used to perform a DoS on a wireless network?

A. WPA jammer

B. WPA2 jammer

C. WEP jammer

D. Wi-Fi jammer ✔️

Mobile Device Security

1. What is the benefit of encryption on mobile devices?

A. Protection against stolen devices

B. Protection of data on lost or stolen devices ✔️

C. Prevention of malware

D. Protection of data being sent to websites

2. Jailbreaking a phone refers to what?

A. Removing DRM from the system

B. Removing a device from a network

C. Acquiring root access on a device ✔️

D. Removing ransomware from a system

3. What does rooting a device do?

A. Removes updates from a system

B. Removes access to a user

C. Provides root-level access to a user on a system ✔️

D. Increases security on a device

4. Android is based on which operating system?

A. Windows

B. OS X

C. Unix 

D. Linux ✔️

5. iOS is based on which operating system?

A. Windows

B. OS X ✔️

C. Unix

D. Linux

6. What could a company do to protect itself from a loss of data when a phone is stolen?

(Choose all that apply.)

A. Passwords ✔️

B. Patching

C. Encryption ✔️

D. Remote wipe ✔️

7. A utility for auditing WordPress from Android is __________.

A. DroidSheep

B. Firesheep

C. WPScan ✔️

D. Nmap

8. What utility could be used to avoid sniffing of traffic?

A. SandroProxy

B. Proxify

C. Psiphon ✔️

D. Shark

9. Jennifer has captured the following URL: www.snaz22enu.com/&w25/session=22525.

She realizes that she can perform a session hijack. Which utility would she use?

A. Shark

B. DroidSheep ✔️

C. Airmon

D. Droid

10. Jennifer is concerned about her scans being tracked back to her tablet. What could she

use to hide the source of the scans?

A. Sniffing

B. SandroProxy ✔️

C. FaceNiff

D. Blind scanning

11. What option would you use to install software that’s not from the Google Play store?

A. Install from unknown sources. ✔️

B. Install unsigned sources.

C. Install from unknown locations.

D. Install from unsigned services.

12. Which technology can provide protection against session hijacking?

A. IPsec ✔️

B. UDP

C. TCP

D. IDS

13. When a device is rooted, what is the effect on security?

A. Improved

B. Lowered ✔️

C. Stays the same

D. Hardened

14. Session hijacking can be thwarted with which of the following?

A. SandroProxy

B. DroidSheep

C. FaceNiff

D. Psiphon ✔️

15. A denial of service application for Android is __________.

A. Blaster

B. LOIC ✔️

C. Evil

D. Pryfi

16. A man-in-the-browser attack delivered by a piece of malware can be prevented by

which of the following?

A. Anti-virus ✔️

B. Anti-spyware

C. Using Firefox

D. Rooting a device

17. An attack that can be performed using FaceNiff is __________.

A. Infecting the client system

B. Infecting the server system

C. Inserting oneself into an active session ✔️

D. Inserting oneself into a web application

18. Remote wipes do what? (Choose two.)

A. Wipe all data off a device. ✔️

B. Remove sensitive information such as contacts from a remote system.

C. Factory reset a device.

D. Insert cookies and devices.

19. A session hijack can be used against a mobile device using all of the following except?

A. Emails

B. Browsers

C. Worms ✔️

D. Cookies

20. NetCut is used to do what? (Choose two.)

A. Test firewalls. ✔️

B. Craft packets.

C. Take over a session

D. Scan a network.

Cloud Technologies and Security 

1. SaaS is a cloud hosting environment that offers what?

A. Development options

B. Testing options

C. Software hosting ✔️

D. Improved security

2. Which of the following can be used to protect data stored in the cloud?

A. SSL

B. Drive encryption ✔️

C. Transport encryption

D. Harvesting

3. SOAP is used to perform what function?

A. Transport data

B. Enable communication between applications ✔️

C. Encrypt information

D. Wrap data

4. Which attack alters data in transit within the cloud?

A. Packet sniffing

B. Port scanning

C. MitM ✔️

D. Encryption

5. Altering a checksum of a packet can be used to do what?

A. Send an RST

B. Send a URG

C. Reset a connection

D. Evade an NIDS ✔️

6. Cloud technologies are used to accomplish which of the following?

A. Increase management options ✔️

B. Offload operations onto a third party ✔️

C. Transfer legal responsibility of data to a third party

D. Cut costs ✔️

7. A cloud environment can be in which of the following configurations except?

A. IaaS

B. PaaS

C. SaaS

D. LaaS ✔️

8. What type of cloud service would provide email hosting and associated security

services?

A. PaaS

B. SaaS

C. IaaS ✔️

D. SSaS

9. Who has legal responsibility for data hosted in the cloud?

A. The Cloud Service Provider

B. The IT department of the client

C. The client ✔️

D. The consumer

10. Why wouldn’t someone create a private cloud?

A. To reduce costs ✔️

B. To offload technical support

C. To increase availability

D. To maintain universal access

11. There are how many different types of cloud hosting environments?

A. Two

B. Three ✔️

C. Four

D. Five

12. Which of the following would be hosted as SaaS?

A. Email ✔️

B. Active Directory

C. Applications

D. Firewalls

13. A cloud-based firewall is used to separate which of the following?

A. Networks

B. Hosts

C. Permissions ✔️

D. ACL

14. An application would be developed on what type of cloud service?

A. BaaS

B. SaaS

C. IaaS

D. PaaS ✔️

15. Which of the following issues would be a good reason for moving to a cloud based

environment?

A. Reduced costs ✔️

B. Improved performance ✔️

C. Easier forensics

D. Increased redundancy ✔️

16. HTTPS is typically open on which port in a cloud based firewall?

A. 25

B. 443 ✔️

C. 80

D. 110

17. What system is used as a choke point for traffic and could be offered through IaaS?

A. IDS

B. DMZ

C. Bastion host ✔️

D. SNMP host

18. At which layer of the OSI model would you expect a cloud based solution to operate

at?

A. Layer 1

B. Layer 2

C. Layer 3 ✔️

D. Layer 4 ✔️

19. What type of firewall analyzes the status of traffic and would be part of a IaaS

solution?

A. Circuit level

B. Packet filtering

C. Stateful inspection ✔️

D. NIDS

20. What can be used instead of a URL to evade some firewalls used to protect a cloud

based web application?

A. IP address ✔️

B. Encryption

C. Stateful inspection

D. NIDS