Ethical hacking essentials (EHE) module9 |\ |\ |\ |\
QUESTIONS WITH ANSWERS
|\ |\ |\
Mobile platform attack vectors make mobile phone platforms
|\ |\ |\ |\ |\ |\ |\ |\
susceptible to malicious attacks both from the network and upon
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
physical compromise. - CORRECT ANSWERS ✔✔True
|\ |\ |\ |\ |\
David, a professional hacker, was hired to attack mobile devices
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
owned by an organization. He broadcasted a well-crafted text
|\ |\ |\ |\ |\ |\ |\ |\ |\
message with a malicious link to all the organization's mobile
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
numbers to collect their personal and financial information. -
|\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔SMiShing |\ |\
SMiShing - CORRECT ANSWERS ✔✔SMS phishing (also known as
|\ |\ |\ |\ |\ |\ |\ |\ |\
SMiShing) is a type of phishing fraud in which an attacker uses
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
SMS to send text messages containing deceptive links of
|\ |\ |\ |\ |\ |\ |\ |\ |\
malicious websites or telephone numbers to a victim.
|\ |\ |\ |\ |\ |\ |\
Click-jacking - CORRECT ANSWERS ✔✔Clickjacking, also known as |\ |\ |\ |\ |\ |\ |\
a user interface redress attack, is a malicious technique used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
trick web users into clicking something different from what they
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
think they are clicking.
|\ |\ |\
Framing - CORRECT ANSWERS ✔✔Buffer overflow is an
|\ |\ |\ |\ |\ |\ |\ |\
abnormality whereby a program, while writing data to a buffer, |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
surfeits the intended limit and overwrites the adjacent memory.
|\ |\ |\ |\ |\ |\ |\ |\
, Simjacker - CORRECT ANSWERS ✔✔Simjacker is a vulnerability
|\ |\ |\ |\ |\ |\ |\ |\
associated with a SIM card's S@T browser (SIMalliance Toolbox
|\ |\ |\ |\ |\ |\ |\ |\ |\
Browser), a pre-installed software incorporated in SIM cards to
|\ |\ |\ |\ |\ |\ |\ |\ |\
provide a set of instructions.
|\ |\ |\ |\
Sam, a professional hacker, was assigned to attack Bluetooth-
|\ |\ |\ |\ |\ |\ |\ |\
enabled devices at a coffee shop. He employed a process to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
compromise the Bluetooth devices that are set to discoverable |\ |\ |\ |\ |\ |\ |\ |\ |\
mode, then sniffed sensitive data from targeted devices. -
|\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Bluebugging |\ |\
Bluebugging - CORRECT ANSWERS ✔✔Setting a mobile device's |\ |\ |\ |\ |\ |\ |\ |\
Bluetooth connection to "open" or the "discovery" mode and
|\ |\ |\ |\ |\ |\ |\ |\ |\
turning on the automatic Wi-Fi connection capability, particularly
|\ |\ |\ |\ |\ |\ |\ |\
in public places, pose significant risks to mobile devices.
|\ |\ |\ |\ |\ |\ |\ |\
Man-in-the-mobile - CORRECT ANSWERS ✔✔An attacker implants |\ |\ |\ |\ |\ |\ |\
malicious code into the victim's mobile device to bypass
|\ |\ |\ |\ |\ |\ |\ |\ |\
password verification systems that send one-time passwords
|\ |\ |\ |\ |\ |\ |\
(OTPs) via SMS or voice calls. Thereafter, the malware relays the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
gathered information to the attacker. |\ |\ |\ |\
MAC flooding - CORRECT ANSWERS ✔✔Switches maintain a
|\ |\ |\ |\ |\ |\ |\ |\
translation table that maps various MAC addresses to the |\ |\ |\ |\ |\ |\ |\ |\ |\
physical ports on the switch. As a result, they can intelligently
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
route packets from one host to another.
|\ |\ |\ |\ |\ |\
Bluesmacking - CORRECT ANSWERS ✔✔A Bluesmacking attack |\ |\ |\ |\ |\ |\ |\
occurs when an attacker sends an oversized ping packet to a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
victim's device, causing a buffer overflow. This type of attack is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
QUESTIONS WITH ANSWERS
|\ |\ |\
Mobile platform attack vectors make mobile phone platforms
|\ |\ |\ |\ |\ |\ |\ |\
susceptible to malicious attacks both from the network and upon
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
physical compromise. - CORRECT ANSWERS ✔✔True
|\ |\ |\ |\ |\
David, a professional hacker, was hired to attack mobile devices
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
owned by an organization. He broadcasted a well-crafted text
|\ |\ |\ |\ |\ |\ |\ |\ |\
message with a malicious link to all the organization's mobile
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
numbers to collect their personal and financial information. -
|\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔SMiShing |\ |\
SMiShing - CORRECT ANSWERS ✔✔SMS phishing (also known as
|\ |\ |\ |\ |\ |\ |\ |\ |\
SMiShing) is a type of phishing fraud in which an attacker uses
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
SMS to send text messages containing deceptive links of
|\ |\ |\ |\ |\ |\ |\ |\ |\
malicious websites or telephone numbers to a victim.
|\ |\ |\ |\ |\ |\ |\
Click-jacking - CORRECT ANSWERS ✔✔Clickjacking, also known as |\ |\ |\ |\ |\ |\ |\
a user interface redress attack, is a malicious technique used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
trick web users into clicking something different from what they
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
think they are clicking.
|\ |\ |\
Framing - CORRECT ANSWERS ✔✔Buffer overflow is an
|\ |\ |\ |\ |\ |\ |\ |\
abnormality whereby a program, while writing data to a buffer, |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
surfeits the intended limit and overwrites the adjacent memory.
|\ |\ |\ |\ |\ |\ |\ |\
, Simjacker - CORRECT ANSWERS ✔✔Simjacker is a vulnerability
|\ |\ |\ |\ |\ |\ |\ |\
associated with a SIM card's S@T browser (SIMalliance Toolbox
|\ |\ |\ |\ |\ |\ |\ |\ |\
Browser), a pre-installed software incorporated in SIM cards to
|\ |\ |\ |\ |\ |\ |\ |\ |\
provide a set of instructions.
|\ |\ |\ |\
Sam, a professional hacker, was assigned to attack Bluetooth-
|\ |\ |\ |\ |\ |\ |\ |\
enabled devices at a coffee shop. He employed a process to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
compromise the Bluetooth devices that are set to discoverable |\ |\ |\ |\ |\ |\ |\ |\ |\
mode, then sniffed sensitive data from targeted devices. -
|\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔Bluebugging |\ |\
Bluebugging - CORRECT ANSWERS ✔✔Setting a mobile device's |\ |\ |\ |\ |\ |\ |\ |\
Bluetooth connection to "open" or the "discovery" mode and
|\ |\ |\ |\ |\ |\ |\ |\ |\
turning on the automatic Wi-Fi connection capability, particularly
|\ |\ |\ |\ |\ |\ |\ |\
in public places, pose significant risks to mobile devices.
|\ |\ |\ |\ |\ |\ |\ |\
Man-in-the-mobile - CORRECT ANSWERS ✔✔An attacker implants |\ |\ |\ |\ |\ |\ |\
malicious code into the victim's mobile device to bypass
|\ |\ |\ |\ |\ |\ |\ |\ |\
password verification systems that send one-time passwords
|\ |\ |\ |\ |\ |\ |\
(OTPs) via SMS or voice calls. Thereafter, the malware relays the
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
gathered information to the attacker. |\ |\ |\ |\
MAC flooding - CORRECT ANSWERS ✔✔Switches maintain a
|\ |\ |\ |\ |\ |\ |\ |\
translation table that maps various MAC addresses to the |\ |\ |\ |\ |\ |\ |\ |\ |\
physical ports on the switch. As a result, they can intelligently
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
route packets from one host to another.
|\ |\ |\ |\ |\ |\
Bluesmacking - CORRECT ANSWERS ✔✔A Bluesmacking attack |\ |\ |\ |\ |\ |\ |\
occurs when an attacker sends an oversized ping packet to a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
victim's device, causing a buffer overflow. This type of attack is
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
