CompTIA PenTest+ (PT0-002) — Question 419

During a penetration test, a tester is in close proximity to a corporate mobile device belonging to a network administrator that is broadcasting Bluetooth frames.
Which of the following is an example of a Bluesnarfing attack that the penetration tester can perform?

Answer options

• A. Sniff and then crack the WPS PIN on an associated WiFi device.
• B. Dump the user address book on the device.
• C. Break a connection between two Bluetooth devices.
• D. Transmit text messages to the device.

Correct answer: B

Explanation

The correct answer is B, as Bluesnarfing specifically involves unauthorized access to the information stored on a Bluetooth-enabled device, such as the user address book. Options A, C, and D do not involve accessing stored data on the device; instead, they relate to WiFi security, disrupting connections, or messaging, none of which constitute Bluesnarfing.