2.4 – Social Engineering Flashcards

1
Q

Social Engineering

A
  • Uses social tactics to trick users into giving up information or performing actions they wouldn’t usually take

o In person, over phone, while browsing, via email
o Take advantage of normal social behaviors & trust

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  • Phishing
A

o Sending emails with purpose to trick them into revealing personal information / performing acts

o DOES NOT target specific group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  • Spear Phishing
A

targets specific groups of users

—Attacks can be customized [more dangerous]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

o Whaling

A

targets high-level executives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

o Vishing

A

voice phishing
–Verify identity & contact info of caller
–Caller-ID can be spoofed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

o Smishing

A

-Uses SMS Texts

-Instant messages / social media

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  • In Person Training
    o Dumpster Diving
A

–Person looks through trash for info

–Burning / shredding helps prevent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  • In Person Training
    o Shoulder Surfing
A

Looking over shoulder with camera to view sensitive information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  • In Person Training
    o Tailgating
A

Follow closely behind someone to enter a secure area

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  • In Person Training
    o Impersonation
A

Pretend to be someone else

Usually impersonate tech support / company personal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  • In Person Training
    o Evil Twin
A

Fraudulent WiFi access point that appears to be legit

Setup to eavesdrop on wireless communication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly