CompTIA Security Plus Mock Test Q564

Which of the following is characterized by an attack against a mobile device?

A. Evil twin
B. Header manipulation
C. Blue jacking
D. Rogue AP

Correct Answer: C
Section: Threats and Vulnerabilities

Explanation:
A bluejacking attack is where unsolicited messages are sent to mobile devices using Bluetooth.
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.
Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.
Bluejacking is usually harmless, but because bluejacked people generally don’t know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it’s possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

Incorrect Answers:
A: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.
For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name. A mobile device could connect to an evil twin access point but an evil twin is does not attack a mobile device.
B: Header manipulation is an attack on an application that access web pages or web services. It involves introducing unvalidated data in an HTTP response header which can enable cache-poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect. It is not used as a direct attack on a mobile device.
D: A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to a secure network to unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual authentication (client-server server-client) and may be used in conjunction with a rogue RADIUS server, depending on security configuration of the target network. Similar to an evil twin, a mobile device could connect to a rogue access point but an evil twin is does not attack a mobile device.

References:
http://en.wikipedia.org/wiki/Bluejacking
http://www.techopedia.com/definition/5057/evil-twin
http://en.wikipedia.org/wiki/Rogue_access_point