PrepAway - Latest Free Exam Questions & Answers

Which of the following type of attacks is underway?

wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type
of attacks is underway?

PrepAway - Latest Free Exam Questions & Answers

A.
IV attack

B.
Interference

C.
Blue jacking

D.
Packet sniffing

Explanation:
In this question, it’s likely that someone it trying to crack the wireless network security.
An initialization vector is a random number used in combination with a secret key as a means to encrypt
data. This number is sometimes referred to as a nonce, or “number occurring once,” as an encryption
program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it
impossible for hackers who use dictionary attack to decrypt the exchanged encrypted message by
discovering a pattern. This is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the
more the encryption method is discoverable. For example if a one-letter word exists in a message, it may
be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a
meaning and “I” has a meaning. Repeating the words and letters makes it possible for software to apply a
dictionary and discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the
letter “a” to be represented by a particular sequence in the first instance, and then represented by a
completely different binary sequence in the second instance.
WEP (Wireless Equivalent Privacy) is vulnerable to an IV attack. Because RC4 is a stream cipher, the same
traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to
prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the
IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same
IV will repeat after 5000 packets.Incorrect Answers:
B: There can be many sources of interference to network communications especially in wireless
networks. However, interference would not cause large numbers of ARP packets to be sent to the
wireless access point.
C: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as
mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the
name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.
Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can
reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.
Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened,
they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but
with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla
marketing campaigns to promote advergames.
Bluejacking would not cause large numbers of ARP packets to be sent to the wireless access point.
D: Packet sniffing is the process of intercepting data as it is transmitted over a network.
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to
a local area network that is not filtered or switched, the traffic can be broadcast to all computers
contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore
all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is
shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic.
The NIC is put into promiscuous mode, and it reads communications between computers within a
particular segment. This allows the sniffer to seize everything that is flowing in the network, which can
lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware
or software solution. A sniffer is also known as a packet analyzer.
Packet sniffing would not cause large numbers of ARP packets to be sent to the wireless access point.

http://www.techopedia.com/definition/26858/initialization-vector
http://en.wikipedia.org/wiki/Bluejackinghttp://www.techopedia.com/definition/4113/sniffer


Leave a Reply