Читаем CISSP Practice полностью

d. Radio frequency scrambling attack

76. b. Exploitation of unencrypted management messages can result in subtle denial-of-service (DoS), replay, or manipulation attacks that are difficult to detect. These attacks spoof management messages. A water torture attack is an example of subtle DoS attack in which an adversary drains a client node’s battery by sending a constant series of management messages to the SS/MS. Radio frequency (RF) jamming is classified as a DoS attack. RF scrambling attacks are the precise injections of RF interference during the transmission of specific management messages. A man-in-the-middle (MitM) attack occurs when an adversary deceives an SS/MS to appear as a legitimate base station (BS) while simultaneously deceiving a BS to appear as a legitimate SS/MS.

77. Regarding worldwide interoperability for microwave access (WiMAX) security, which of the following is not a weakness of data encryption standard-cipher block chaining (DES-CBC) algorithm?

a. Replay attack

b. Denial-of-service attack

c. Eavesdropping attack

d. Man-in-the-middle attack

77. a. The weaknesses of data encryption standard-cipher block chaining (DES-CBC) are well documented, and include denial-of-service (DoS), eavesdropping, and man-in-the-middle (MitM) attacks. Replay attacks occur when adversaries reuse expired traffic encryption keys (TEKs). Replay attacks lead to unauthorized disclosure of information and compromise of the TEK.

78. For worldwide interoperability for microwave access (WiMAX) security, denial-of-service (DoS) attacks occur due to which of the following?

1. Lack of mutual authentication

2. Use of nonunicast messages

3. Use of wireless technology as a communications medium

4. Use of unencrypted management messages

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 1, 2, 3, and 4

78. d. Lack of mutual authentication occurs between subscriber’s station (SS) and base station (BS). This may enable a rogue BS operator to degrade performance or steal information by conducting denial-of-service (DoS) or forgery attacks against client SSs. In unencrypted management messages, nonunicast messages open WiMAX systems to DoS attacks. In the use of wireless as a communications medium, a DoS attack can be executed by the introduction of a powerful radio frequency (RF) source intended to overwhelm system radio spectrum.

79. For worldwide interoperability for microwave access (WiMAX) security, replay attacks occur due to which of the following?

1. Injection of reused traffic encryption key

2. Insecure unicast messages

3. Unencrypted management messages

4. Insecure nonunicast messages

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 3 and 4

79. b. Replay attacks occur due to injection of reused traffic encryption key (TEK) and unencrypted management messages. Integrity checks are added to unicast messages to prevent replay attacks. Nonunicast messages are open to DoS attacks.

80. For worldwide interoperability for microwave access (WiMAX) security, a countermeasure for man-in-the-middle (MitM) attack is:

a. DES-CBC

b. AES-CCM

c. AES only

d. VPN only

80. b. If a WiMAX system is not using the advanced encryption standard Counter with CBC message authentication code (AES-CCM), it can open up the possibility of a MitM attack. Data encryption standard-cipher block chaining (DES-CBC) is a weak algorithm that cannot ensure confidentiality of data and may lead to MitM attack. Virtual private network (VPN) is a mature technology and cannot defend against the MitM attacks. The advanced encryption standard (AES) is not as strong as the AES-CCM.

81. Which of the following worldwide interoperability for microwave access (WiMAX) operating topologies uses only the non-line-of-sight (NLOS) signal propagation?

a. Point-to-point

b. Point-to-multipoint

c. Multihop relay

d. Mobile