CompTIA Security Plus Mock Test Q566

An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns. Which of the following is an example of this threat?

A. An attacker using the phone remotely for spoofing other phone numbers
B. Unauthorized intrusions into the phone to access data
C. The Bluetooth enabled phone causing signal interference with the network
D. An attacker using exploits that allow the phone to be disabled


Correct Answer: B
Section: Threats and Vulnerabilities

Explanation:
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information — such as the user’s calendar, contact list and e-mail and text messages — without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.

Incorrect Answers:
A: An attacker using the phone remotely for spoofing other phone numbers is not an example of bluesnarfing. Bluesnarfing is the theft of data from a mobile device over a Bluetooth connection.
C: A Bluetooth enabled phone causing signal interference with the network is an example of interference, not bluesnarfing. Bluesnarfing is the theft of data from a mobile device over a Bluetooth connection.
D: An attacker using exploits that allow the phone to be disabled is not an example of bluesnarfing. Bluesnarfing is the theft of data from a mobile device over a Bluetooth connection, not the disabling of a mobile device.

References:
http://searchmobilecomputing.techtarget.com/definition/bluesnarfing