Sec+ 09-10 Mobile Security

Wireless Network Security Attacks

Includes various methods used to exploit vulnerabilities in wireless networks, such as unauthorized access, data interception, and denial of service.

Bluetooth

A wireless technology that uses short-range radio frequency transmissions to allow devices to communicate over a personal area network.

Piconet

A small network with a master device controlling up to seven active slave devices, commonly seen in Bluetooth setups.

Scatternet

A network formed by connecting multiple piconets, allowing for communication between devices in different piconets.

Bluejacking

An attack that sends unsolicited messages to Bluetooth-enabled devices, considered more annoying than harmful.

Bluesnarfing

An attack that gains unauthorized access to data on a Bluetooth device, allowing the attacker to copy emails, contacts, or other data.

Near Field Communication (NFC)

A set of standards for smartphones and smart cards to establish communication between devices in close proximity, commonly used for contactless payment.

Eavesdropping

Intercepting communications between devices to steal sensitive data, requiring the attacker to be extremely close.

WEP (Wired Equivalent Privacy)

An outdated security protocol for wireless networks that uses weak encryption and is vulnerable to attacks due to short initialization vectors.

WPA (Wi-Fi Protected Access)

A security protocol designed to secure wireless networks, utilizing dynamic key generation and Temporal Key Integrity Protocol (TKIP) for encryption.

WPA2 (Wi-Fi Protected Access 2)

The second generation of WPA that utilizes Advanced Encryption Standard (AES) for stronger encryption and security.

BYOD (Bring Your Own Device)

A policy that allows employees to use their personal devices for work purposes, raising concerns about security and device management.

Device Loss or Theft

Risk associated with mobile devices, where losing the device can expose sensitive information to unauthorized users.

Mobile Device Management (MDM)

Tools and services that allow for remote management of mobile devices, including updates, security settings, and inventory control.

MAC Address Filtering

A security method that restricts access to a wireless network by permitting or blocking devices based on their MAC addresses.

SSID Broadcast

The process of transmitting the name of a wireless network, which can be intercepted by attackers if not properly secured.

Evil Twin

A rogue access point that masquerades as a legitimate access point to eavesdrop on wireless communications.

Firewalls

Security systems that monitor and control incoming and outgoing network traffic based on predetermined security rules.

Encryption

The process of converting plaintext into ciphertext to protect data from unauthorized access during transmission or storage.

Vulnerabilities in IEEE 802.11 Security

Weaknesses in the wireless standard that can be exploited, leading to various security attacks on wireless networks.

Captive Portal Access Points

A type of access point that requires users to agree to terms or provide credentials before granting access to the network.

Device Theft Prevention

Strategies to protect mobile devices from being stolen, including physical security measures and user awareness.

Network Interface Card (NIC)

A hardware component that connects a device to a network, capable of both wired and wireless connections.

WPA3 is the latest security protocol that aims to improve ________ and ________ in wireless networks.

security and encryption.

A ________ is a type of wireless network that uses a master device to control connections with slave devices.

piconet.

Bluetooth technology primarily operates in the ________ frequency range.

2.4 GHz.

________ can allow unauthorized users to intercept data during wireless communication.

Eavesdropping.

The process of hiding a network name from the public is called ________.

SSID hiding.

A security measure that ensures only authorized users can access a network is known as ________ authentication.

user.

The risk of ________ can occur when a device is lost or stolen, leading to data breaches.

device theft.

________ stands for Bring Your Own Device, referring to the practice of employees using personal devices for work.

BYOD.

A method implemented to control access to a wireless network by checking the ________ addresses of devices.

MAC.

Captive portal access points often require users to enter ________ before granting access to the internet.

credentials.

What is the purpose of WPA3 security protocol?

To improve security and encryption in wireless networks.

How many active slave devices can a master device control in a piconet?

Up to seven active slave devices.

What frequency range does Bluetooth technology operate in?

2.4 GHz.

What does eavesdropping refer to in wireless communications?

Intercepting communications between devices to steal sensitive data.

What is SSID hiding?

The process of concealing the name of a wireless network from the public.

What is user authentication?

A security measure ensuring only authorized users can access a network.

What risk is associated with device loss or theft?

Exposure of sensitive information to unauthorized users.

What does BYOD stand for?

Bring Your Own Device.

What does MAC address filtering restrict?

Access to a wireless network based on the MAC addresses of devices.

What is a captive portal access point?

An access point that requires users to agree to terms or provide credentials before accessing the network.