SY0-601 SEC+ Social Engineering Techniques & Attack Types

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which of these types of phishing variants matches the proper definition?

BEC - Targets companies who outsource, conduct wire transfers, and have suppliers abroad Smishing - A cyber attack that uses SMS texting as the vector Spear phishing - Targets certain employees in certain departments, roles, and responsibilities Whaling - Targets high-level employee or someone in senior management Pharming - Attackers poisons a DNS server to re-direct users to unintentionally go to a fake site

What cryptographic attack takes advantage of an application's ability to give up a more secure method of communication and revert to an order, less-optimal mode?

Downgrade attack

What is most likely the first step in a scam or hoax attack?

IP spoofing

Which of these represents practical reasons for the effectiveness of social engineering?

Lack of acceptable use policy No buy-in from management No policy enforcement Outdated anti-virus tools and utilities

Which of these attacks triggers a certain event occurs such as mouse movement of file access?

Logic bomb

What technologies with learning, reasoning, and decision-making abilities are rapidly being incorporated into security, analysis, defense, and military systems?

Machine learning Robotic technologies Artificial intelligence

What is another term used to describe an influence campaign?

Misinformation operation

Which of these is more related to an on-premise provider as opposed to a cloud-based provider?

More experience and familiarity with systems

Which of these attacks is most likely to be conducted with a cell phone camera?

Shoulder surfing

What technique uses devices that overlay an ATM machine or point-of-scale scanner to steal the information from the victim?

Skimming

Which of these password attacks tries to access many accounts using a few commonly used passwords with a "low-and-slow" methodology?

Spraying

Match the type of common malware with the proper characteristic?

Spyware - Malware that can show advertisements, track information, and make changes to endpoints without user knowledge. Ransomware - Client and server handshakes before the server generates two cryptographic keys Worms - A special form of self-replicating malware that typically spreads without user action Keyloggers - KeyGhost captures passwords, credit card numbers, and other personal information Rat - Infected PC serves a session back to C2C server acting as client

What type of attack involves infiltrating a system through an outside partner, vendor, or provider with access to your systems and/or data?

Supply chain attack

Which of these are terms that describe an attacker sitting on sites under someone else's brand and targeting internet users who erroneously type into their browser address bar?

Typosquatting URL hijacking Sting sites Fake URL


Ensembles d'études connexes

Chapter 19- Lower Respiratory Disorders

View Set

BCOM 3113 Verbs, Adverbs, and Adjectives

View Set

Chapter 43: Assessment and Management of Patients with Hepatic Disorders

View Set

Chapter 5: Networking and Server Attacks

View Set

PHI2604 - Midterm Review (chapter 9, 10, & 12 from the book)

View Set

macro chapter 23, 24, 25, 26 (exam 2)

View Set

SOC 134-given practice questions for MT 2

View Set

Unit 5 - The Research & Writing Processes

View Set