2.2 Social Engineering

Question 1

What is the best way to minimize the impact of social engineering?

Answer 1

Education

Question 2

What are some ways an attacker manipulates a victim?

Answer 2

Threats, trust, moral obligation, asking for very little, ignoranceW

Question 3

What are the three phases of the social engineering process?

Answer 3

Research, development, and exploitation

Question 4

What does the research phase of social engineering involve?

Answer 4

Gathering information about the company or organization that will be attacked (footprinting)

Question 5

What does the development phase of social engineering involve?

Answer 5

Selecting targets who have information and certain characteristics, then forming relationships with these people to build trust

Question 6

What does the exploitation phase of the social engineering process involve?

Answer 6

The attacker takes advantage of their relationship with the victim to extract information, obtain access, or accomplish other goals

Question 7

What is an important part of the exploitation phase?

Answer 7

A well-planned and smooth exit without traces

Question 8

What is a prerequisite of many social engineering attacks?

Answer 8

Obtaining information about the network and security systems

Question 9

What are some social engineering attacks examples?

Answer 9

Phishing, smishing, vishing, impersonation, pretexting, brand impersonation, business email compromise (BEC), disinformation, misinformation, watering hole (use of an unsecured third-party website), typosquatting, hijacked subdomains