Module 4 quiz - social engineering attacks
Which of the following is not a motivation technique used by social engineers?
A phishing campaign using whaling
Which of the following is not true about elicitation an interrogation?
And interrogator cannot use closed ended questions to gain more control of the conversation.
Which of the following is true about interrogation?
And interrogator pays attention to the victims posture body language skin color and Eye movement
In a _________ attack, A user visits a legitimate website and clicks on a malicious ad. Then the user is redirected to a malicious site and downloads malware.
Malvertising
Which of the following refers to the act of incorporating malicious ads on trusted websites, which results in users browsers being in advertently redirected to sites hosting malware?
Malvertising
Which of the following is not true about pharming?
Pharming can be done by exploiting a buffer overflow using Windows Powershell.
Which of the following is the term for an attacker presenting to a user a link or an attachment that looks like a valid, trusted resource?
Phishing
Which of the following is true about pretexting
Pretexting Or impersonation involves presenting yourself there's someone else in order to gain access to information
Which of the following is an example of a social engineering attack that is not related to email?
SMS phishing
Which of the following is true about social engineering motivation techniques?
Scarcity can be used to create a feeling of urgency in a decision making context. It is possible to use specific language in an interaction to present a sense of urgency and manipulate the victim
Which of the following involves obtaining information such as personally identifiable information (PII), passwords, and other confidential data by looking at someone's laptop, desktop, or mobile device screen?
Shoulder surfing
_______ is phishing attempts that are constructed in a very specific way and directly targeted to specific individuals or companies.
Spear phishing
Which of the following is true about spear phishing?
Spear phishing is phishing attempts that are constructed in a very specific way and directly targeted to specific individuals or companies
Which of the following is not true?
The main goal in all mass mail attacks, including whaling, is to steal sensitive information or compromise the victim system and then target other key high profile victims.
Which of the following is not true about USB key drop attacks?
USB key drop attacks are not effective anymore
Which of the following is true about voice phishing?
Voice phishing is also referred to as "vishing"
Which of the following is not true about whaling?
Whaling attacks use DNS poisoning to impersonate a legitimate website.
Which of the following is true?
Whaling is similar to phishing and spear phishing
