Effective CISSP Questions

A personal area network (PAN) is a network that connects devices within an individual’s workspace. IrDA, Wireless USB, Bluetooth, and ZigBee are well-known wireless PAN (WPAN) technologies. Which of the following attacks can gain access to a device on a WPAN and use its commands without informing the user?
A. Bluejacking
B. Fuzzing Attacks
C. Bluebugging
D. ZigBee Traps

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. Bluebugging.

ZigBee Traps is a distractor. The following is an excerpt from NIST SP 800-121 R2 Draft (Guide to Bluetooth Security):

Bluetooth Threats

  1. Bluesnarfing
    Bluesnarfing enables attackers to gain access to a Bluetooth enabled device by exploiting a firmware flaw in older (circa 2003) devices. This attack forces a connection to a Bluetooth device, allowing access to data stored on the device including the device’s international mobile equipment identity (IMEI). The IMEI is a unique identifier for each device that an attacker could potentially use to route all incoming calls from the user’s device to the attacker’s device.
  2. Bluejacking
    Bluejacking is an attack conducted on Bluetooth enabled mobile devices, such as cell phones. An attacker initiates bluejacking by sending unsolicited messages to the user of a Bluetooth enabled device. The actual messages do not cause harm to the user’s device, but they may entice the user to respond in some fashion or add the new contact to the device’s address book. This message-sending attack resembles spam and phishing attacks conducted against email users. Bluejacking can cause harm when a user initiates a response to a bluejacking message sent with a harmful intent.
  3. Bluebugging
    Bluebugging exploits a security flaw in the firmware of some older (circa 2004) Bluetooth devices to gain access to the device and its commands. This attack uses the commands of the device without informing the user, allowing the attacker to access data, place phone calls, eavesdrop on phone calls, send messages, and exploit other services or features offered by the device.
  4. Car Whisperer
    Car Whisperer is a software tool developed by European security researchers that exploits the use of a standard (non-random) passkey in hands-free Bluetooth car kits installed in automobiles. The Car Whisperer software allows an attacker to send to or receive audio from the car kit. An attacker could transmit audio to the car’s speakers or receive audio (eavesdrop) from the microphone in the car.
  5. Denial of Service
    Like other wireless technologies, Bluetooth is susceptible to DoS attacks. Impacts include making a device’s Bluetooth interface unusable and draining the device’s battery. These types of attacks are not significant and, because of the proximity required for Bluetooth use, can usually be easily averted by simply moving out of range.
  6. Fuzzing Attacks
    Bluetooth fuzzing attacks consist of sending malformed or otherwise non-standard data to a device’s Bluetooth radio and observing how the device reacts. If a device’s operation is slowed or stopped by these attacks, a serious vulnerability potentially exists in the protocol stack.
  7. Pairing Eavesdropping
    PIN/Legacy Pairing (Bluetooth 2.0 and earlier) and low energy Legacy Pairing are susceptible to eavesdropping attacks. The successful eavesdropper who collects all pairing frames can determine the secret key(s) given sufficient time, which allows trusted device impersonation and active/passive data decryption.
  8. Secure Simple Pairing Attacks
    A number of techniques can force a remote device to use Just Works SSP and then exploit its lack of MITM protection (e.g., the attack device claims that it has no input/output capabilities). Further, fixed passkeys could allow an attacker to perform MITM attacks as well.

Source: NIST SP 800-121 R2 Draft (Guide to Bluetooth Security)



