Security+ Question of the Week: Suspicious Location-Based Messages

On your commute to work each day, you notice that you receive several suspicious messages to your phone. The messages are very similar, appearing on your phone when you drive by a certain building on your regular route to work. In order to test a theory, you place your phone in airplane mode then re‐enable just the 3G/4G feature. After several days of driving past the same location, you do not receive any additional messages. What is the likely cause of these messages?

A. Bluejacking
B. Bluebugging
C. Ad‐hoc wireless network connections
D. Geotagging

Reveal Answer

The correct answer is A.

This situation indicates that bluejacking is taking place. Bluejacking is the sending of messages to a device over Bluetooth. If your Bluetooth adapter is turned off, then you cannot receive bluejack messages.

Answer B, Bluebugging, it the ability for a hacker to remotely control a device over Bluetooth, such as turning on the microphone to use the device as a remote bug. Bluebugging would not trigger messages on your device so this this type of attack is not what is occurring in this situation. Answer C is also incorrect because your device will not auto-connect to and not display message about ad-hoc wireless networks. Infrastructure mode wireless networks hosted by a base station is possible, but not ad-hoc. Answer D, Geotagging, is the recording of GPS or other location information into media or messages on a mobile device. It would not cause messages to appear on your device.

Related Courses
Security+ Prep Course (SY0-401)
Security+ Certification Boot Camp (SY0-401)

Security+ Question of the Week (SY0-401) Series

• Security+ Question of the Week: Deploying a Firewall
• Security+ Question of the Week: Flood Guard
• Security+ Question of the Week: iSCSI
• Security+ Question of the Week: Wireless MAC Filtering
• Security+ Question of the Week: Quantitative Analysis
• Security+ Question of the Week: Contracts
• Security+ Question of the Week: System Clock
• Security+ Question of the Week: Security Breach Incident Response
• Security+ Question of the Week: Reduce Electrostatic Discharge
• Security+ Question of the Week: Planting Malware
• Security+ Question of the Week: Network Hardening
• Security+ Question of the Week: Fuzzing
• Security+ Question of the Week: Single Sign‐On
• Security+ Question of the Week: Digital Envelope
• Security+ Question of the Week: Confining Communications to a Subnet
• Security+ Question of the Week: DoS Tool
• Security+ Question of the Week: Intranet Defense
• Security+ Question of the Week: War Driving
• Security+ Question of the Week: User Rights and Permissions Checks
• Security+ Question of the Week: Third Party Partnerships
• Security+ Question of the Week: Indicator of Integrity
• Security+ Question of the Week: Incident Response Procedure
• Security+ Question of the Week: Good Password Behavior
• Security+ Question of the Week: Tailgating
• Security+ Question of the Week: Differential Backup
• Security+ Question of the Week: Government and Military
• Security+ Question of the Week: Backdoor
• Security+ Question of the Week: Wrong Name or Address
• Security+ Question of the Week: Increase in Email Hoaxes
• Security+ Question of the Week: Suspicious Location-Based Messages

from
CERTIVIEW