Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities
is MOST appropriate?
A.
War dialing
B.
War chalking
C.
War driving
D.
Bluesnarfing
Explanation:
War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for
computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers – malicious
hackers who specialize in computer security – for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry- point
into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a
company’s telephone network.
Incorrect Answers:
B: War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless
network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the
access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific
spot. War chalking is not used to test the security controls of modems.
Therefore, this answer is incorrect.
C: War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks while driving around a
city or elsewhere. To do war driving, you need a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in promiscuous mode, and some
kind of an antenna which can be mounted on top of or positioned inside the car. Because a wireless LAN may have a range that extends beyond an office building,
an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources. War
driving is not used to test the security controls of modems. Therefore, this answer is incorrect.
D: Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless
technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the
way Bluetooth is implemented on a mobile phone, an attacker can access information — such as the user’s calendar, contact list and e-mail and text messages —
without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by
virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled. Bluesnarfing is
not used to test the security controls of modems.
Therefore, this answer is incorrect.http://en.wikipedia.org/wiki/War_dialing
http://www.webopedia.com/TERM/W/warchalking.html
http://searchmobilecomputing.techtarget.com/definition/war-driving http://searchmobilecomputing.techtarget.com/definition/bluesnarfing