Ch 4 Questions


A company has a list of high-value assets (HVAs). As a security analyst, what must you do to help protect those assets? (Select two.) - Make sure to implement environmental protection on all HVAs. - Make sure an incident involving one of the HVAs is always high priority. - Make sure to assess each asset and assign a criticality level. - Make sure the response team can easily identify the HVAs. - Make sure to bundle all HVAs together within the same defense strategy.

- Make sure an incident involving one of the HVAs is always high priority. - Make sure the response team can easily identify the HVAs.

Which of the following best describes a script kiddie? - A hacker who uses scripts written by much more talented individuals. - A hacker whose main purpose is to draw attention to their political views. - A hacker willing to take more risks because the payoff is a lot higher. - A hacker who helps companies see the vulnerabilities in their security.

A hacker who uses scripts written by much more talented individuals.

A security analyst and their team go through the entire list of assets in the company and assign each item a level of priority. Then they group the assets in the same levels together so they can create defense strategies for each group. What is this process called? - Security detection - Security prevention - Asset criticality - Bundling critical assets

Bundling critical assets

Robyn, a new employee, needs to choose a password to log into the system. She doesn't want to forget it, but she needs to meet certain criteria required by security. What should she do? - Choose a password that's easy to remember but doesn't include any personal information. - Choose a complicated password to meet the criteria and then write it down on a sticky note. - Choose a complicated password to meet the criteria and then store it in her cellphone. - Choose a password using personal information to make it easy to remember.

Choose a password that's easy to remember but doesn't include any personal information.

The following output was displayed using the Social Engineering Toolkit (SET). Which attack method was used to capture the user's input? - HTA attack method - Credential harvesting attack method - Metasploit browser attack method - Web jacking attack method

Credential harvesting attack method: The credential harvesting attack method sets up a mimic website where users enter credentials, which was done here.

What is vandalism? - Stealing or misusing assets - Lock-picking or scrubbing assets - Damaging or defacing assets - Completely destroying assets

Damaging or defacing assets

Ron, a hacker, wants to gain access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in? - Elicitation phase - Research phase - Exploitation phase - Development phase

Development phase: The development phase involves two parts. They include selecting individual targets within a company and forming a relationship with those individuals.

As a security technician who is in charge of physical security for computer and network resources, you are responsible for ensuring a quick recovery should an event occur. A physical storage device controlling data backups has failed, causing corruption for a weekly full backup. It failed on Saturday. On Monday, you noticed the errors and have since run a restore of needed data and a full backup to ensure continuity. The failed device has been replaced. Since each work day creates unique data to be backed up, which type of backup would be the preferred method to make certain each day's data was properly maintained while ensuring efficiency? (The time required for backup is not a primary concern, but the time needed to restore data is, as is backup data storage space.) - Cloud backup - Incremental backup - Full backup - Differential backup

Differential backup: each differential captures everything changed since the last full backup, so a restore needs only the full backup plus the most recent differential. That keeps restore time short, and the stored data stays well below what a daily full backup would need.

Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique? - Interrogation - Elicitation - Preloading - Impersonation

Elicitation: is a technique that aims to extract information from a target without arousing suspicion. Some elicitation tactics are giving compliments, delivering misinformation, feigning ignorance, and being a good listener.

A speaker was invited to a company-wide training meeting. When he arrived, he identified himself at the front desk, and the receptionist gave him directions on how to find the conference room. What important step did the receptionist miss? - Giving him a temporary ID badge - Escorting him to the conference room - Notifying all employees of his arrival - Giving him access to the company Wi-Fi

Escorting him to the conference room

Gathering information about a system, its components, and how they work together is known as which of the following? - Attacking - Footprinting - Spoofing - Analyzing

Footprinting: is the process of gathering information about a system, its components, and how they work together.

The receptionist receives a call from a customer who asks for the customer support manager's name and email address to send them a thank you email. How should the receptionist proceed? - Forward the call to the help desk - Politely decline and hang up - Give the customer the information they're asking for - Forward the call to the customer service manager

Forward the call to the help desk

A company is in the process of hiring Jill, a new technician. HR has checked the background and references of the candidate. What are some next steps in the hiring process that HR should take? - Verify her educational records and then introduce her to the team. - Have her picture taken and create her ID badge. - Have her sign an NDA and AUPs. - Have her assigned to a workstation and introduce her to the team.

Have her sign an NDA and AUPs

You are in the process of implementing policies and procedures that require employee identification. You observe employees holding a secure door for others to pass through. Which of the following training sessions should you implement to help prevent this in the future? - Why employees should never share their ID badge with anyone. - Why employees should wear their badge at all times. - What to do if you encounter a person without a badge. - How to prevent piggybacking and tailgating.

How to prevent piggybacking and tailgating.

Which of the following BEST describes a physical barrier used to deter an aggressive intruder? - Double-entry doors - Alarmed carrier PDS - Large flowerpots - Anti-passback system

Large flowerpots

While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following would you most likely implement to keep this from happening in the future? - Cable locks - Mantraps - Anti-passback - Scrubbing

Mantraps

Which of the following are tactics social engineers might use? - Keylogging, shoulder surfing, and moral obligation - Moral obligation, ignorance, and threatening - Eavesdropping, ignorance, and threatening - Shoulder surfing, eavesdropping, and keylogging

Moral obligation, ignorance, and threatening - Some of the most popular tactics they use are moral obligation, innate human trust, threatening, an easy reward, and ignorance.

Important aspects of physical security include which of the following? - Influencing the target's thoughts, opinions, and emotions before something happens - Preventing interruptions of computer services caused by problems such as fire - Implementing adequate lighting in parking lots and around employee entrances - Identifying what was broken into, what is missing, and the extent of the damage

Preventing interruptions of computer services caused by problems such as fire

What are the three factors to keep in mind with physical security? - Detection, prevention, and implementation - Prevention, detection, and recovery - Implementation, detection, and recovery - Detection, implementation, and prevention

Prevention, detection, and recovery

Which of the following BEST describes what asset criticality does? - Takes safeguards to protect assets, such as equipment. - Identifies the extent of damage done to an asset. - Implements security procedures to minimize the impact of an attack. - Prioritizes systems for scanning and remediation.

Prioritizes systems for scanning and remediation.

A person in a dark grey hoodie has jumped the fence at your research center. A security guard has detained this person, denying them physical access. Which of the following areas of physical security is the security guard currently in? - Security sequence - Security factors - Physical control - Layered defense

Security sequence

Brandon is helping Fred with his computer. He needs Fred to enter his username and password into the system. Fred enters the username and password while Brandon is watching him. Brandon explains to Fred that it is not a good idea to allow anyone to watch you type in usernames or passwords. Which type of social engineering attack is Brandon referring to? - Keylogging - Eavesdropping - Shoulder surfing - Spam and spim

Shoulder surfing: Shoulder surfing involves looking over someone's shoulder while they work on a computer to see usernames, passwords, or account numbers.

You have a set of DVD-RW discs that were used to archive files from your latest project. You need to prevent the sensitive information on the discs from being compromised. Which of the following methods should you use to destroy the data? - Write junk data on the discs. - Delete the data on the discs. - Shred the discs. - Degauss the discs.

Shred the discs. Degaussing only erases magnetic media and has no effect on optical discs, and deleting or overwriting does not reliably remove the data, so physical destruction is the dependable option.

Any attack involving human interaction of some kind is referred to as which of the following? - Social engineering - An opportunistic attack - An authorized hacker - Attacker manipulation

Social engineering: refers to any attack involving human interaction of some kind.

You are instant messaging a coworker, and you get a malicious link. Which type of social engineering attack is this? - Hoax - Spim - Spam - Surf

Spim: Spim is a malicious link sent to the target over instant messaging.

You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to the locked door in the reception area. They use an iPad application to log any security events that may occur. They also use their iPad to complete work tasks as assigned by the organization's CEO. What could you do to add an additional layer of security to this organization? - Require users to use workstation screensaver passwords. - Move the receptionist's desk into the secured area. - Train the receptionist to keep his or her iPad in a locked drawer. - Replace the biometric locks with smart cards.

Train the receptionist to keep his or her iPad in a locked drawer.

You want to properly dispose of papers with sensitive content. You want to ensure that it's nearly impossible for a dumpster diver to put the information back together. What should you do? - Use a strip-cut shredder - Use the recycle bin - Use a crosscut shredder - Use an incinerator

Use a crosscut shredder

You have implemented a regular backup schedule for a Windows system, backing up data files every night and creating a system image backup once per week. For security reasons, your company has decided not to store a redundant copy of the backup media at an off-site location. Which of the following would be the best backup and storage option? - Use differential backups and store them in a locked room. - Use incremental backups and store them in a drawer in your office. - Use differential backups and store them on a shelf next to the backup device. - Use incremental backups and store them in a locked, fireproof safe.

Use incremental backups and store them in a locked, fireproof safe. Incremental backups use the least storage space for nightly data backups, and without an off-site copy the on-site media needs both physical access control and protection from fire.
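The two backup questions above (the differential-versus-incremental choice for daily data, and the nightly incremental schedule) both rest on the same trade-off: how much media a week of backups consumes versus how many backup sets a restore must read. The following Python model is an added example, not part of the study set. The file names, the Sunday full backup and the per-day change lists are constructed sample data, and a file is represented only by the day of its latest change.

```python
"""Toy comparison of incremental vs. differential backup rotation.

Added example, not from the study set. Assumptions (constructed): one full
backup on Sunday, one data backup each work day Mon-Sat, and a file is
represented only by the name of the day of its latest change.
"""

# Constructed sample data: contents of the Sunday full backup and which
# files changed on each following work day.
FULL_BACKUP = {f: "Sun" for f in
               ("a.docx", "b.xlsx", "c.pdf", "d.txt", "e.pptx", "f.db", "g.log")}
DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]
DAILY_CHANGES = {
    "Mon": {"a.docx", "b.xlsx"},
    "Tue": {"b.xlsx", "c.pdf"},
    "Wed": {"d.txt"},
    "Thu": {"a.docx", "e.pptx"},
    "Fri": {"f.db"},
    "Sat": {"b.xlsx"},
}


def incremental_sets(changes, days):
    """Each incremental holds only the files changed since the previous backup of any kind."""
    return [{f: day for f in changes[day]} for day in days]


def differential_sets(changes, days):
    """Each differential holds every file changed since the last FULL backup,
    so the sets grow through the week."""
    since_full, sets = {}, []
    for day in days:
        for f in changes[day]:
            since_full[f] = day
        sets.append(dict(since_full))
    return sets


def restore_chain(scheme, sets, day_index):
    """Backup sets (after the full) that must be read to restore to the end of DAYS[day_index]."""
    if scheme == "incremental":
        return sets[: day_index + 1]   # the full plus every incremental so far
    if scheme == "differential":
        return [sets[day_index]]       # the full plus the latest differential only
    raise ValueError(f"unknown scheme {scheme!r}")


def restore(full, chain):
    """Replay a chain of backup sets over the full backup, oldest first."""
    state = dict(full)
    for backup_set in chain:
        state.update(backup_set)
    return state


def live_state(full, changes, days, day_index):
    """Ground truth: what the file system looked like at the end of DAYS[day_index]."""
    state = dict(full)
    for day in days[: day_index + 1]:
        for f in changes[day]:
            state[f] = day
    return state


def summarize(scheme, day_index=4):
    """Media space used over the week and restore effort for one day (default Friday)."""
    if scheme == "incremental":
        sets = incremental_sets(DAILY_CHANGES, DAYS)
    else:
        sets = differential_sets(DAILY_CHANGES, DAYS)
    chain = restore_chain(scheme, sets, day_index)
    return {
        "file_copies_stored": sum(len(s) for s in sets),  # space beyond the full backup
        "sets_read_on_restore": 1 + len(chain),          # the full plus the chain
        "restore_is_correct": restore(FULL_BACKUP, chain)
        == live_state(FULL_BACKUP, DAILY_CHANGES, DAYS, day_index),
    }


if __name__ == "__main__":
    for scheme in ("incremental", "differential"):
        print(scheme, summarize(scheme))
```

On this sample, a Friday restore reads six sets under the incremental scheme but only two under the differential scheme, while the week's differential media hold roughly three times as many file copies as the incremental media. Both chains rebuild the same file state, which is the check a practitioner should run on any rotation scheme before trusting it.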

A resentful employee hacks into a company's website and replaces all the text and images with obscene material. They also replace all links with malicious ones. This is an example of which of the following? - BIOS access attack - Cold boot attack - Destruction - Vandalism

Vandalism
