IoT Security: Abusing Smart Lighting Systems
15 Questions

Questions and Answers

What is the main limitation of the Guardian Ear, the first baby monitoring system based on Radio Waves?

  • Limited by the range of radio waves at that time (correct)
  • Incompatible with modern IoT systems
  • Unable to connect to the internet for remote monitoring
  • Vulnerable to eavesdropping attacks

Why are modern baby monitoring systems using WiFi considered to be at risk of eavesdropping?

  • They are vulnerable to radio scanner attacks
  • They can be accessed remotely from anywhere in the world (correct)
  • They rely on outdated encryption methods
  • They do not have secure password protection

What was reported about the vulnerability of Foscam baby monitors at the "Hack in the Box" conference?

  • They have weak encryption for data transmission
  • They are susceptible to eavesdropping attacks
  • They are immune to Shodan search engine queries
  • Attackers can obtain username and password once the IP address is known (correct)

How can Shodan search engine help in finding vulnerable Foscam baby monitors over the internet?

  • By querying Shodan with information from the HTTP response

What protocol do Foscam devices use to update their hostname mapping?

  • User Datagram Protocol (UDP)

How do attackers abuse their knowledge of Foscam devices' hostname ranges?

  • To conduct phishing attacks by querying ns1.myfoscam.org

What is the purpose of the SLS hand-shake step 3?

  • To prove that you have physical access to the bridge

What does the Access-Control-Allow-Origin header in the server response indicate?

  • The victim's ability to visit a website from their local network

What is the purpose of the Smart Lighting System (SLS) hand-shake step 2?

  • To find your bridge and associate it with your account

What is the SLS hand-shake step 1 about?

  • Creating a user account

Which component sends a POST request during the SLS hand-shake process?

  • Philips Bridge

What is the vulnerability associated with the SLS server response header?

  • Access-Control-Allow-Origin allowing local network website capture

What is the purpose of the Philips Bridge in the Smart Lighting System (SLS) hand-shake?

  • To prove physical access to the bridge

What does Step 3 of the SLS hand-shake involve?

  • Website sends Setup Complete message to backend

What does Step 2 of SLS hand-shake involve?

  • Finding your bridge and associating it with your account
