Ch. 17 Social Engineering, User Education and Facilities Security Quiz
Which of these is an example of social engineering?
Asking for a username and password over the phone
Of the following, which type of fire suppression can prevent damage to computers and servers?
CO2
If a fire occurs in the server room, which device is the best method to put it out?
Class C extinguisher
You go out the back door of your building and notice someone looking through your company's trash. If this person were trying to acquire sensitive information, what would this attack be known as?
Dumpster diving
User education can help to defend against which of the following? (Select the three best answers.)
Dumpster diving Social engineering Phishing
In addition to bribery and forgery, which of the following are the most common techniques that attackers use to socially engineer people? (Select the two best answers.)
Flattery Dumpster diving
Which of the following environmental variables reduces the possibility of static discharges (ESD)?
Humidity
Jeff wants to employ a Faraday cage. What will this accomplish?
It will reduce data emanations.
What is the most common reason that social engineering succeeds?
Lack of user awareness
You need to protect your data center from unauthorized entry at all times. Which is the best type of physical security to implement?
Mantrap
Of the following definitions, which would be an example of eavesdropping?
Overhearing parts of a conversation
Turnstiles, double entry doors, and security guards are all preventative measures for what kind of social engineering?
Piggybacking
In which two environments would social engineering attacks be most effective? (Select the two best answers.)
Public building with shared office space An organization whose IT personnel have little training
You have been ordered to implement a secure shredding system as well as privacy screens. What two attacks is your organization attempting to mitigate?
Shoulder surfing Dumpster diving
What devices will not be able to communicate in a Faraday cage? (Select the two best answers.)
Smartphones Tablets
A man pretending to be a data communications repair technician enters your building and states that there is networking trouble and he needs access to the server room. What is this an example of?
Social engineering
Which of the following targets specific people?
Spear phishing
Why would you implement password masking?
To deter shoulder surfing
Which of the following is a strategy that targets users based on the common websites that they frequent?
Watering hole
A targeted e-mail attack is received by your organization's CFO. What is this an example of?
Whaling
