Exam SY0-601 topic 1 question 411 discussion

B. Bluejacking The attack method used to insert contacts into the corporate mobile device without physical access is called "Bluejacking." Bluejacking is a type of cyberattack where an attacker sends unsolicited messages or contacts to Bluetooth-enabled devices, such as smartphones, tablets, or laptops. The attack takes advantage of the Bluetooth feature's ability to discover nearby devices and receive incoming messages or contacts. In this scenario, while the employee was on vacation, an attacker likely exploited the Bluetooth feature on the corporate mobile device to send and insert modified contacts into the device. The attack is carried out without the attacker needing to physically access the device, as long as the device's Bluetooth functionality is enabled and set to discoverable mode.

B. Bluejacking. They are ALL wrong. But bluejacking is the least wrong. I think that bluesnarfing would be the best answer if it where there.

In this scenario, the attacker likely sent the contacts to the employee's corporate mobile device via Bluetooth while the device was in discoverable mode during the vacation.

Bluesnarfing is the unauthorized access to or theft of information from a Bluetooth device

Bluesnarfing is the real answer. Bluejacking just sends unsolicited messages to your phone.

it would be correct if it was bluesnarfing, the correct answer is the letter D.

Bluejacking: Bluejacking is where an attacker takes control of a Bluetooth device such as a phone. They are then able to make phone calls and send text messages.(probably even modify contacts)

I don't think it's bluejacking guys mainly because the question said that the contacts were "modified". You wouldn't be able to do that with bluejacking only with bluesnarfing. But since bluesnarfing is not an option, I have to go with evil twin. "Bluesnarfing takes advantage of security weaknesses in older Bluetooth implementations, specifically the OBEX (Object Exchange) protocol used for transferring data between Bluetooth devices. By exploiting these vulnerabilities, an attacker can gain unauthorized access to the target device's data, including contacts, text messages, emails, calendars, photos, and other stored information. The process of bluesnarfing typically involves an attacker using specialized software and tools to discover vulnerable Bluetooth devices within their range. Once a vulnerable device is identified, the attacker establishes a connection with it without the user's knowledge or consent. This allows the attacker to extract or manipulate data on the compromised device."

The correct answer is B. Bluejacking is a method in which an attacker sends unsolicited messages or contacts to nearby Bluetooth-enabled devices, typically for spamming or phishing purposes. The attacker does not need physical access to the device and can transmit the data from a short distance away. In this case, the employee's mobile device was likely in discoverable mode, which allowed the attacker to send the modified contacts to the device via Bluetooth.

An attacker could have used Bluejacking to insert contacts into the corporate mobile device without having physical access to it. Bluejacking is a type of attack that exploits Bluetooth technology to send unsolicited messages or contacts to a device.

Bluejacking is a possible method that an attacker could use to insert contacts into a corporate mobile device without having physical access to the device. Bluejacking is a Bluetooth-based attack where the attacker sends unsolicited messages or data to a device over Bluetooth. In this case, the attacker could send a vCard containing the modified contacts to the employee's mobile device over Bluetooth without the employee's knowledge or consent.

Quoting Mike Mayer's guide: "Bluejacking involves sending data to a target device, such as a smartphone, usually in the form of unsolicited text messages. Although mostly harmless, bluejacking can be annoying at best and constitutes harassment at worst. Bluejacking does not involve removing data from the device."

-B is correct The given scenario is suggestive of a possible Bluetooth hacking attack known as "Bluejacking". In a Bluejacking attack, an attacker sends unsolicited messages or vCards (contacts) to nearby Bluetooth-enabled devices, with the intention of causing annoyance or harm. It can also be used to gain access to the target device or execute malicious code. In this case, the employee's mobile device was compromised while connected to an unsecured public network during the vacation.