4 Social Engineering and Password Attacks

Question 1

What are common threat vectors and attack surfaces?

Answer 1

Phishing, Vishing, Smishing,

Misinformation/disinformation, Impersonation,

Business email compromise, Pretexting,

Watering hole, a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site.

Brand impersonation,

Typosquatting. when people - often criminals - register a common misspelling of another organization’s domain as their own. For example: tailspintoy.com instead of tailspintoys.com (note the missing “s”).

Question 2

What are indicators of malicious activity?

Answer 2

Password attacks (Spraying, Brute force)

Question 3

What are key principles to socially engineer an individual? (7) A I C SP F T U

Answer 3

Authority

Intimidation

Consensus-based social engineering - might point out that everyone else in a department had already clicked on a link, or might provide fake testimonials

“social proof” in some categorization schemes.

Scarcity

Familiarity-based attacks rely on you liking the individual or even the organization the individual is claiming to represent.

Trust - build a connection with their targets

Urgency

Question 4

What is Phishing?

Answer 4

fraudulent acquisition of information, often focused on credentials like usernames and passwords, as well as sensitive personal information like credit card numbers and related data.

Question 5

What is Smishing?

Answer 5

phishing via SMS (text) messages

Question 6

What is Vishing

Answer 6

phishing via telephone.

Question 7

What is social engineering?

Answer 7

The practice of manipulating people through various strategies to accomplish desired actions.

Question 8

What principle relies on the fact that most people obey someone who appears to be in charge?

Answer 8

Authority

Question 9

What principle in social engineering uses fear to coerce individuals into taking action?

Answer 9

Intimidation

Question 10

What is consensus-based social engineering also known as?

Answer 10

Social proof

Question 11

Which principle makes something appear more desirable because it may be the last available?

Answer 11

Scarcity

Question 12

What do familiarity-based attacks rely on?

Answer 12

The target liking the individual or organization.

Question 13

What is the difference between trust and familiarity in social engineering?

Answer 13

Trust builds a connection with the individual, while familiarity relies on something being normal.

Question 14

What principle creates a sense of urgency in social engineering?

Answer 14

Urgency

Question 15

True or False: Most social engineering efforts combine multiple principles into a single attack.

Answer 15

True

Question 16

What is phishing?

Answer 16

The fraudulent acquisition of information, often focused on credentials or sensitive personal information.

Question 17

What is smishing?

Answer 17

Phishing via SMS (text) messages.

Question 18

What does vishing refer to?

Answer 18

Phishing via voice or voicemail messages.

Question 19

What is spear phishing?

Answer 19

Phishing that targets specific individuals or groups in an organization.

Question 20

What is whaling in the context of phishing?

Answer 20

Phishing that targets senior employees like CEOs and CFOs.

Question 21

What are common defenses against phishing?

Answer 21

Awareness training and technical filtering methods.

Question 22

What is the main goal of misinformation and disinformation campaigns?

Answer 22

To turn public opinion in directions of their choosing.

Question 23

What is the difference between misinformation and disinformation?

Answer 23

Misinformation is incorrect information, while disinformation is intentionally false information.

Question 24

What does the acronym MDM stand for?

Answer 24

Misinformation, Disinformation, and Malinformation.

Question 25

What is the TRUST process recommended by CISA?

Answer 25

Tell your story, Ready your team, Understand and assess MDM, Strategize response, Track outcomes.

Question 26

What is impersonation in social engineering?

Answer 26

Pretending to be someone else to gain access or information.

Question 27

What is identity fraud?

Answer 27

The use of someone else's identity for financial gain.

Question 28

What does business email compromise (BEC) involve?

Answer 28

Using legitimate-looking email addresses to conduct scams.

Question 29

What is pretexting?

Answer 29

Using a made-up scenario to justify approaching an individual.

Question 30

What are watering hole attacks?

Answer 30

Attacks that target websites frequented by the victims.

Question 31

What is brand impersonation?

Answer 31

Using emails that appear to be from a legitimate brand to deceive users.

Question 32

What is typosquatting?

Answer 32

Using misspelled URLs similar to legitimate sites to conduct attacks.

Question 33

Fill in the blank: _______ relies on changing a system's hosts file or active malware to redirect users.

Answer 33

Pharming

Question 35

What are the two password-related attacks focused on in the Security+ exam?

Answer 35

Brute-force attacks and password spraying attacks ## Footnote These attacks are critical for understanding password security.

Question 36

Define brute-force attacks.

Answer 36

Brute-force attacks iterate through passwords until they find one that works, often using common passwords and modification rules.

Question 37

What is a password spraying attack?

Answer 37

A form of brute-force attack that uses a single password or small set of passwords against many accounts.

Question 38

What is a dictionary attack?

Answer 38

A brute-force attack that uses a list of words for password attempts.

Question 39

Name a popular open-source password cracking tool.

Answer 39

John the Ripper

Question 40

True or False: Dictionary attacks are not covered in the Security+ exam.

Answer 40

True ## Footnote The exam focuses only on spraying and brute force attacks.

Question 41

What differentiates online attacks from offline attacks?

Answer 41

Online attacks occur against a live system while offline attacks occur against a compromised password store.

Question 42

What are rainbow tables?

Answer 42

Easily searchable databases of precomputed hashes using the same hashing methodology as the captured password file.

Question 43

Define hashing.

Answer 43

A one-way cryptographic function that generates a unique and repeatable output from an input.

Question 44

Fill in the blank: Password cracking tools can also be used as _______ assessment tools.

Answer 44

password

Question 45

What is a significant advantage of using a strong password hashing mechanism?

Answer 45

It helps protect passwords from being easily acquired and reused.

Question 46

What is the role of a salt and a pepper in password hashing?

Answer 46

They are additional data added to passwords before hashing, making it harder to use tools like rainbow tables.

Question 47

True or False: Best practices for password storage rely on encryption.

Answer 47

False ## Footnote Best practices rely on using well-constructed password hashes instead.

Question 48

What are common password assessment practices used by organizations?

Answer 48

Testing for weak and easily cracked passwords using password crackers on their password stores.

Question 49

What can be learned from using tools like John the Ripper?

Answer 49

Understanding both password cracking and how passwords are stored.

Question 50

Where can you find exercises to learn about John the Ripper?

Answer 50

https://openwall.info/wiki/john/tutorials

Question 51

What resource does OWASP provide for secure password storage?

Answer 51

Password Storage Cheat Sheet ## Footnote Available at https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html

Question 54

What does SSH stand for?

Answer 54

Secure Shell or Secure Socket Shell

Question 55

What is the primary function of SSH?

Answer 55

Provides a secure way to access a computer over an unsecured network

Question 56

Who primarily uses SSH?

Answer 56

Systems administrators

Question 57

What does SSH refer to besides the protocol?

Answer 57

The suite of utilities that implement the SSH protocol

Question 58

True or False: SSH is used for secure communication over a secured network.

Answer 58

False

Question 59

Fill in the blank: SSH is a network protocol that gives users a _______ way to access a computer.

Answer 59

secure