2.3.12

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following BEST describes an inside attacker? -An unintentional threat actor. This is the most common threat. -An attacker with lots of resources and money at their disposal. -A good guy who tries to help a company see their vulnerabilities. -An agent who uses their technical knowledge to bypass security.

An unintentional threat actor. This is the most common threat.

Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique? -Elicitation -Interrogation -Impersonation -Preloading

Elicitation

Jason is at home, attempting to access the website for his music store. When he goes to the website, it has a simple form asking for a name, email, and phone number. This is not the music store website. Jason is sure the website has been hacked. How did the attacker accomplish this hack? -DNS cache poisoning -Feigning ignorance -Host file modification -Social networking

DNS cache poisoning

Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in? -Development phase -Research phase -Exploitation phase -Elicitation phase

Development phase

Which of the following is a common social engineering attack? -Distributing hoax virus-information emails -Logging on with stolen credentials -Distributing false information about an organization's financial status -Using a sniffer to capture network traffic

Distributing hoax virus-information emails

Having a legitimate reason for approaching someone to ask for sensitive information is called what? -Preloading -Impersonation -Footprinting -Pretexting

Impersonation

Social engineers are master manipulators. Which of the following are tactics they might use? -Eavesdropping, ignorance, and threatening -Keylogging, shoulder surfing, and moral obligation -Shoulder surfing, eavesdropping, and keylogging -Moral obligation, ignorance, and threatening

Moral obligation, ignorance, and threatening

Any attack involving human interaction of some kind is referred to as what? -Social engineering -A white hat hacker -An opportunistic attack -Attacker manipulation

Social engineering

An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering? -Authority -Persuasive -Social validation -Commitment

Authority

Which of the following are examples of social engineering attacks? (Select three.) -Port scanning -Shoulder surfing -Keylogging -Impersonation -War dialing

Shoulder surfing Keylogging Impersonation


Kaugnay na mga set ng pag-aaral

Chapter 7- Workforce, Chapter 8- Employment Process

View Set

Comm. Training and Development: Reading Notes

View Set

AP Psychology Unit 5 - AP Classroom Questions

View Set

Accounting Chapter 16 True or False

View Set