4 Social Engineering and Password Attacks Flashcards
What are common threat vectors and attack surfaces?
Phishing, Vishing, Smishing,
Misinformation/disinformation, Impersonation,
Business email compromise, Pretexting,
Watering hole, a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site.
Brand impersonation,
Typosquatting: when people - often criminals - register a common misspelling of another organization’s domain as their own. For example: tailspintoy.com instead of tailspintoys.com (note the missing “s”).
What are indicators of malicious activity?
Password attacks (Spraying, Brute force)
What are key principles to socially engineer an individual? (7) A I C SP F T U
Authority
Intimidation
Consensus-based social engineering (called “social proof” in some categorization schemes) - might point out that everyone else in a department had already clicked on a link, or might provide fake testimonials
Scarcity
Familiarity-based attacks rely on you liking the individual or even the organization the individual is claiming to represent.
Trust - builds a connection with the target
Urgency
What is Phishing?
The fraudulent acquisition of information, often focused on credentials like usernames and passwords, as well as sensitive personal information like credit card numbers and related data.
What is Smishing?
Phishing via SMS (text) messages.
What is Vishing?
Phishing via telephone.
What is social engineering?
The practice of manipulating people through various strategies to accomplish desired actions.
What principle relies on the fact that most people obey someone who appears to be in charge?
Authority
What principle in social engineering uses fear to coerce individuals into taking action?
Intimidation
What is consensus-based social engineering also known as?
Social proof
Which principle makes something appear more desirable because it may be the last available?
Scarcity
What do familiarity-based attacks rely on?
The target liking the individual or organization.
What is the difference between trust and familiarity in social engineering?
Trust builds a connection with the individual, while familiarity relies on something being normal.
What principle creates a sense of urgency in social engineering?
Urgency
True or False: Most social engineering efforts combine multiple principles into a single attack.
True
What is phishing?
The fraudulent acquisition of information, often focused on credentials or sensitive personal information.
What is smishing?
Phishing via SMS (text) messages.
What does vishing refer to?
Phishing via voice or voicemail messages.
What is spear phishing?
Phishing that targets specific individuals or groups in an organization.
What is whaling in the context of phishing?
Phishing that targets senior employees like CEOs and CFOs.
What are common defenses against phishing?
Awareness training and technical filtering methods.
What is the main goal of misinformation and disinformation campaigns?
To turn public opinion in directions of their choosing.
What is the difference between misinformation and disinformation?
Misinformation is incorrect information, while disinformation is intentionally false information.
What does the acronym MDM stand for?
Misinformation, Disinformation, and Malinformation.
What is the TRUST process recommended by CISA?
Tell your story, Ready your team, Understand and assess MDM, Strategize response, Track outcomes.
What is impersonation in social engineering?
Pretending to be someone else to gain access or information.
What is identity fraud?
The use of someone else’s identity for financial gain.
What does business email compromise (BEC) involve?
Using legitimate-looking email addresses to conduct scams.
What is pretexting?
Using a made-up scenario to justify approaching an individual.
What are watering hole attacks?
Attacks that target websites frequented by the victims.
What is brand impersonation?
Using emails that appear to be from a legitimate brand to deceive users.
What is typosquatting?
Using misspelled URLs similar to legitimate sites to conduct attacks.
Fill in the blank: _______ relies on changing a system’s hosts file or active malware to redirect users.
Pharming
What are the two password-related attacks focused on in the Security+ exam?
Brute-force attacks and password spraying attacks
These attacks are critical for understanding password security.
Define brute-force attacks.
Brute-force attacks iterate through passwords until they find one that works, often using common passwords and modification rules.
What is a password spraying attack?
A form of brute-force attack that uses a single password or small set of passwords against many accounts.
What is a dictionary attack?
A brute-force attack that uses a list of words for password attempts.
Name a popular open-source password cracking tool.
John the Ripper
True or False: Dictionary attacks are not covered in the Security+ exam.
True
The exam focuses only on spraying and brute force attacks.
What differentiates online attacks from offline attacks?
Online attacks occur against a live system while offline attacks occur against a compromised password store.
What are rainbow tables?
Easily searchable databases of precomputed hashes using the same hashing methodology as the captured password file.
Define hashing.
A one-way cryptographic function that generates a unique and repeatable output from an input.
Fill in the blank: Password cracking tools can also be used as _______ assessment tools.
password
What is a significant advantage of using a strong password hashing mechanism?
It helps protect passwords from being easily acquired and reused.
What is the role of a salt and a pepper in password hashing?
They are additional data added to passwords before hashing, making it harder to use tools like rainbow tables.
True or False: Best practices for password storage rely on encryption.
False
Best practices rely on using well-constructed password hashes instead.
What are common password assessment practices used by organizations?
Testing for weak and easily cracked passwords using password crackers on their password stores.
What can be learned from using tools like John the Ripper?
Understanding both password cracking and how passwords are stored.
Where can you find exercises to learn about John the Ripper?
https://openwall.info/wiki/john/tutorials
What resource does OWASP provide for secure password storage?
Password Storage Cheat Sheet
Available at https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
What does SSH stand for?
Secure Shell or Secure Socket Shell
What is the primary function of SSH?
Provides a secure way to access a computer over an unsecured network
Who primarily uses SSH?
Systems administrators
What does SSH refer to besides the protocol?
The suite of utilities that implement the SSH protocol
True or False: SSH is used for secure communication over a secured network.
False
Fill in the blank: SSH is a network protocol that gives users a _______ way to access a computer.
secure