HOD401 Chapter 10
1. Phishing takes place using __________. A. Instant messaging B. Email C. Websites D. Piggybacking
a
6. Social engineering is designed to __________. A. Manipulate human behavior B. Make people distrustful C. Infect a system D. Gain a physical advantage
a
8. Which mechanism can be used to influence a targeted individual? A. Means of dress or appearance B. Technological controls C. Physical controls D. Training
a
3. Social engineering can be thwarted using what kinds of controls? A. Technical B. Administrative C. Physical D. Proactive controls
a,b,c
2. Training and education of end users can be used to prevent __________. A. Phishing B. Tailgating/piggybacking C. Session hijacking D. Wireshark
ab
7. Phishing can be mitigated through the use of __________. A. Spam filtering B. Education C. Antivirus D. Anti-malware
ab
10. What is the best option for thwarting social-engineering attacks? A. Technology B. Training C. Policies D. Physical controls
b
18. When talking to a victim, using __________ can make an attack easier. A. Eye contact B. Keywords C. Jargon D. Threats
b
11. Janet receives an email enticing her to click a link. But when she clicks this link she is taken to a website for her bank, asking her to reset her account info. However, Janet noticed that the bank is not hers and the website is not for her bank. What type of attack is this? A. Whaling B. Vishing C. Phishing D. Piggybacking
c
15. In social engineering a proxy is used to __________. A. Assist in scanning B. Perform a scan C. Keep an attacker's origin hidden D. Automate the discovery of vulnerabilities
c
13. A security camera picks up someone who doesn't work at the company following closely behind an employee while they enter the building. What type of attack is taking place? A. Phishing B. Walking C. Gate running D. Tailgating
d
14. What is a vulnerability scan designed to provide to those executing it? A. A way to find open ports B. A way to diagram a network C. A proxy attack D. A way to reveal vulnerabilities
d
5. Social engineering can use all the following except __________. A. Mobile phones B. Instant messaging C. Trojan horses D. Viruses
d
17. Human beings tend to follow set patterns and behaviors known as __________. A. Repetition B. Habits C. Primacy D. Piggybacking
b
9. Jennifer receives an email claiming that her bank account information has been lost and that she needs to click a link to update the bank's database. However, she doesn't recognize the bank, because it is not one she does business with. What type of attack is she being presented with? A. Phishing B. Spam C. Whaling D. Vishing
a
16. Social engineering can be used to carry out email campaigns known as __________. A. Spamming B. Phishing C. Vishing D. Splashing
b
12. Jason receives notices that he has unauthorized charges on his credit card account. What type of attack is Jason a victim of? A. Social engineering B. Phishing C. Identity theft D. Bad luck
c
19. An attacker can use which technique to influence a victim? A. Tailgating B. Piggybacking C. Name-dropping D. Acting like tech support
c
20. Jason notices that he is receiving mail, phone calls, and other requests for information. He has also noticed some problems with his credit checks such as bad debts and loans he did not participate in. What type of attack did Jason become a victim of? A. Social engineering B. Phishing C. Identity theft D. Bad luck
c
4. Social engineering preys on many weaknesses, including __________. A. Technology B. People C. Human nature D. Physical E. All of them
e