CompTIA Security Plus Mock Test Q554

Which of the following is where an unauthorized device is found allowing access to a network?

A. Bluesnarfing
B. Rogue access point
C. Honeypot
D. IV attack

Correct Answer: B
Section: Threats and Vulnerabilities

A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to a secure network to unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual authentication (client-server server-client) and may be used in conjunction with a rogue RADIUS server, depending on security configuration of the target network.
To prevent the installation of rogue access points, organizations can install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized access points.

Incorrect Answers:
A: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile hone, an attacker can access information — such as the user’s calendar, contact list and e-mail and text messages — without leaving any evidence of the attack. Other devices that se Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some evices, but others are vulnerable as long as Bluetooth is enabled. This is not what is described in this question.
C: A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the attack to research current attack methodologies.
A Honeypot luring a hacker into a system has several main purposes:
The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned.
The hacker can be caught and stopped while trying to obtain root access to the system.
By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.
This is not what is described in this question.
D: An initialization vector is a random number used in combination with a secret key as a means to encrypt data. This number is sometimes referred to as a nonce, or “number ccurring once,” as an encryption program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it impossible for hackers who use dictionary attack to decrypt the exchanged encrypted essage by discovering a pattern. This is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the more the encryption method is discoverable. For example if a one-letter ord exists in a message, it may be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a meaning and “I” has a meaning. Repeating the ords and letters makes it possible for software to apply a dictionary and discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the letter “a” to be represented by a particular sequence in the first instance, and then epresented by a completely different binary sequence in the second instance.
This is not what is described in this question.