1.1 Compare and contrast different types of social engineering techniques.

Question 1

An attacker registers a domain name with a common misspelling of an existing domain. Users who misspell a URL in a web browser, arrive at the attacker’s website.

Answer 1

Typosquatting

Question 2

the attacker steals a domain name by altering its registration information and then transferring the domain name to another entity.

Answer 2

Domain hijacking

Question 3

Domain Name Server (DNS) exploit that involves registering a domain temporarily to see how many hits it generates within the five-day grace period.

Answer 3

Tasting

Question 4

the act of continually registering, deleting, and reregistering a name within the five-day grace period without having to pay for it.

Answer 4

Kiting

Question 5

Passive means of redirecting users from a legitimate website to a malicious one by corrupting the way the victim’s computer performs Internet name resolution.

Answer 5

Pharming

Question 6

campaign specifically designed to steal account credentials. The attacker has more interest in selling the database of captured logins than trying to exploit them directly.

Answer 6

Credential harvesting

Question 7

attack relies on the circumstance that a group of targets may use an unsecure third-party website, which the attacker has compromised.

Answer 7

A watering hole