Copyright Goodheart-Willcox Co., Inc. 473 8. Return to the command prompt, and run getmac again. Provide a screenshot of your spoofed MAC address. 9. After observing this change, return to the Network Address property, and select the Not Present option to use the default MAC address. 10. How can knowing the manufacturer of a MAC address aid you in securing your wireless network infrastructure or analyzing a possible attack? CASE STUDY Android Devices and Bluetooth Hacks In February 2020, an advisory was issued that alerted Android users of a Bluetooth vulnerability that enabled phones to be hacked wirelessly without user knowledge. While the hacker would have to be within Bluetooth range, no user interaction to the device needs to occur, and the hacker can steal personal data and spread malware. The only Android devices found to be seemingly unaffected were devices running Android 10, as well as a handful of Google Pixel and certain Android One phones, depending on the software version installed. Unfortunately, the flaw is not easily patched unless mobile carriers have issued patches for specific Android devices. As of this writing, the problem is ongoing. 1. Based on this flaw, do you think Android users should avoid using Bluetooth- enabled devices, particularly in crowded areas, such as public transportation? Defend your response. 2. This hack only works if a hacker knows a device’s Bluetooth MAC address, which is generally broadcasted in discovery mode. Many users are unaware of this setting and the risk it exposes. List strategies for educating Android users about Bluetooth settings and inherent vulnerabilities. 3. Android devices appear to be more prone to attacks, such as this Bluetooth vulnerability. Knowing this, explain whether you would recommend allowing or disallowing Android devices on your network. How can you keep these devices from infecting other hosts on the network? 4. Mobile devices are prime targets for hackers due to their widespread use and availability to both consumers and hackers alike. Since vulnerabilities and malware pose continual threats, many manufacturers no longer adequately support legacy devices from a security perspective. Rather, users are often instructed to upgrade their devices. Who has a greater responsibility in protecting the data in this scenario: the manufacturer of the older device or the user who does not upgrade to a newer device? What are some options that could help eliminate the use of older devices? Provide a detailed response.