PrepAway - Latest Free Exam Questions & Answers

Which of the following activities is MOST appropriate?

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a
company’s live modem pool. Which of the following activities is MOST appropriate?

PrepAway - Latest Free Exam Questions & Answers

A.
War dialing

B.
War chalking

C.
War driving

D.
Bluesnarfing

Explanation:
War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually
dialing every number in a local area code to search for computers, Bulletin board systems and fax
machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers –
malicious hackers who specialize in computer security – for guessing user accounts (by capturing
voicemail greetings), or locating modems that might provide an entry-point into computer or other
electronic systems. It may also be used by security personnel, for example, to detect unauthorized
devices, such as modems or faxes, on a company’s telephone network.
Incorrect Answers:
B: War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign
posts, trees) to indicate the existence of an open wireless network connection, usually offering an
Internet connection so that others can benefit from the free wireless access. The open connections
typically come from the access points of wireless networks located within buildings to serve enterprises.
The chalk symbols indicate the type of access point that is available at that specific spot. War chalking is
not used to test the security controls of modems.C: War driving, also called access point mapping, is the act of locating and possibly exploiting connections
to wireless local area networks while driving around a city or elsewhere. To do war driving, you need a
vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode,
and some kind of an antenna which can be mounted on top of or positioned inside the car. Because a
wireless LAN may have a range that extends beyond an office building, an outside user may be able to
intrude into the network, obtain a free Internet connection, and possibly gain access to company records
and other resources. War driving is not used to test the security controls of modems.
D: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop
and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability
in the way Bluetooth is implemented on a mobile phone, an attacker can access information — such as
the user’s calendar, contact list and e-mail and text messages — without leaving any evidence of the
attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a
lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some
devices, but others are vulnerable as long as Bluetooth is enabled. Bluesnarfing is not used to test the
security controls of modems.

http://en.wikipedia.org/wiki/War_dialing
http://www.webopedia.com/TERM/W/warchalking.html
http://searchmobilecomputing.techtarget.com/definition/war-driving
http://searchmobilecomputing.techtarget.com/definition/bluesnarfing


Leave a Reply