Which of the following is where an unauthorized device is found allowing access to a network?

A.
Bluesnarfing

B.
Rogue access point

C.
Honeypot

D.
IV attack

Explanation:
A rogue access point is a wireless access point that has either been installed on a secure company
network without explicit authorization from a local network administrator, or has been created to allow a
hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security
threat to large organizations with many employees, because anyone with access to the premises can
install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to
a secure network to unauthorized parties. Rogue access points of the second kind target networks that do
not employ mutual authentication (client-server server-client) and may be used in conjunction with a
rogue RADIUS server, depending on security configuration of the target network.
To prevent the installation of rogue access points, organizations can install wireless intrusion prevention
systems to monitor the radio spectrum for unauthorized access points.
Incorrect Answers:
A: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop
and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability
in the way Bluetooth is implemented on a mobile phone, an attacker can access information — such as
the user’s calendar, contact list and e-mail and text messages — without leaving any evidence of the
attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a
lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some
devices, but others are vulnerable as long as Bluetooth is enabled. This is not what is described in this
question.
C: A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the
attack to research current attack methodologies.
A Honeypot luring a hacker into a system has several main purposes:The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where
the system has weaknesses that need to be redesigned.
The hacker can be caught and stopped while trying to obtain root access to the system.
By studying the activities of hackers, designers can better create more secure systems that are potentially
invulnerable to future hackers.
This is not what is described in this question.
D: An initialization vector is a random number used in combination with a secret key as a means to
encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an
encryption program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it
impossible for hackers who use dictionary attack to decrypt the exchanged encrypted message by
discovering a pattern. This is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the
more the encryption method is discoverable. For example if a one-letter word exists in a message, it may
be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a
meaning and “I” has a meaning. Repeating the words and letters makes it possible for software to apply a
dictionary and discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the
letter “a” to be represented by a particular sequence in the first instance, and then represented by a
completely different binary sequence in the second instance.
This is not what is described in this question.

http://en.wikipedia.org/wiki/Rogue_access_point
http://searchmobilecomputing.techtarget.com/definition/bluesnarfing
http://www.techopedia.com/definition/26858/initialization-vector