Chap 8 - Exploiting Physical and Social Vulnerabilities Flashcards
Mike wants to enter an organization’s high‐security data center. Which of the following techniques is most likely to stop his tailgating attempt?
A. Security cameras
B. A security vestibule
C. An egress sensor
D. An RFID badge reader
A security vestibule
A security vestibule allows only one individual through at a time, with doors at either end that unlock and open one at a time. It will prevent most piggybacking or tailgating behavior unless employees are willfully negligent.
Which of the following technologies is most resistant to badge cloning attacks if implemented properly?
A. Low‐frequency RFID
B. Magstripes
C. Medium‐frequency RFID
D. Smartcards
Smartcards
Most organizations continue to use RFID or magnetic stripe technology for entry access cards, making a penetration tester’s job easier, since both technologies can be cloned. Smartcards are far more difficult to clone if implemented properly.
Jen has been contracted to perform a penetration test against Flamingo, Inc. As part of her penetration test, she has been asked to conduct a phishing campaign and to use the results of that campaign to gain access to Flamingo systems and networks. The scope of the penetration test does not include a physical penetration test, so Jen must work entirely remotely.
Jen wants to deploy a malicious website as part of her penetration testing attempt so that she can exploit browsers belonging to employees. What framework is best suited to this?
A. Metasploit
B. BeEF
C. SET
D. OWASP
BeEF
The Browser Exploitation Framework, or BeEF, is specifically designed for this type of attack. Jen can use it to easily deploy browser exploit tools to a malicious website and can then use various phishing and social engineering techniques to get Flamingo employees to visit the site.
BeEF
The Browser Exploitation Framework (BeEF) is a penetration testing tool used to exploit web browsers. It allows attackers to hook browsers when users visit a BeEF-enabled site, providing tools to gather browser details, detect settings, execute commands, and potentially exploit browser vulnerabilities.
SET
The Social-Engineer Toolkit (SET) is a menu-driven framework designed for automating social engineering attacks, including spear phishing, website cloning, and infectious media creation. It integrates with tools like Metasploit and is pre-installed in Kali Linux, making it a powerful resource for penetration testers.
Jen has been contracted to perform a penetration test against Flamingo, Inc. As part of her penetration test, she has been asked to conduct a phishing campaign and to use the results of that campaign to gain access to Flamingo systems and networks. The scope of the penetration test does not include a physical penetration test, so Jen must work entirely remotely.
After attempting to lure employees at Flamingo, Inc., to fall for a phishing campaign, Jen finds that she hasn’t acquired any useful credentials. She decides to try a USB key drop. Which of the following Social‐Engineer Toolkit modules should she select to help her succeed?
A. The website attack vectors module
B. The Infectious Media Generator
C. The Mass Mailer Module
D. The Teensy USB HID attack module
The Infectious Media Generator
Jen should use the infectious media generator tool, which is designed to create thumb drives and other media that can be dropped on‐site for employees to pick up. The Teensy USB HID attack module may be a tempting answer, but it is designed to make a Teensy (a tiny computer much like an Arduino) act like a keyboard or other human interface device rather than to create infected media. Creating a website attack or a mass mailer attack isn’t part of a USB key drop.
What are the modules in the SET?
- Spear-Phishing Attack Vectors
- Website Attack Vectors
- Infectious Media Generator
- Create a Payload and Listener
- Mass Mailer Attack
- Teensy USB HID Attack Vector
- SMS Spoofing Attack Vector
- Wireless Access Point Attack Vector
- Third Party Modules
- Update the Metasploit Framework
- Update the Social-Engineer Toolkit
- Help, Credits, and About
- Exit the Social-Engineer Toolkit
Frank receives a message to his cell phone from a phone number that appears to be from the IRS. When he answers, the caller tells him that he has past due taxes and is in legal trouble. What type of social engineering attack has Frank encountered?
A. A spear phishing attack
B. A whaling attack
C. A vishing attack
D. A SMS phishing attack
A vishing attack
Frank has encountered a vishing attack, a type of attack conducted via phone that often relies on a perception of authority and urgency to acquire information from its targets. A spear phishing attack targets specific individuals or groups, and whaling attacks are aimed at VIPs, neither of which is indicated in the question. The attack is via voice, not SMS, ruling that answer out too.
Vishing
Vishing, or voice phishing, is a form of social engineering conducted over the phone. It often uses caller ID spoofing to make the calls appear more believable, with the goal of obtaining sensitive information like credentials.
Cameron sends a phishing email to all of the administrative assistants in a company. What type of phishing attack is he conducting?
A. Whaling
B. Vishing
C. A watering hole attack
D. Spear phishing
Spear phishing
Spear phishing is targeted to specific populations, in this case, administrative assistants. Whaling targets VIPs, vishing is done via phone calls, and a watering hole attack leverages a frequently visited site or application.
Spear Phishing
Spear phishing is a targeted phishing attack that aims at specific individuals rather than a broader group, leveraging details about the target to increase the attack’s credibility.
The book also says: Spear phishing is targeted to specific populations, in this case, administrative assistants. Whaling targets VIPs, vishing is done via phone calls, and a watering hole attack leverages a frequently visited site or application.
Which social engineering motivation technique relies on persuading the target that other people have behaved similarly and thus that they could too?
A. Likeness
B. Fear
C. Social proof
D. Reciprocation
Social proof
Social proof relies on persuading an individual that they can behave in a way similar to what they believe others have. A social proof scenario might involve explaining to the target that sharing passwords was commonly done among employees in a specific circumstance or that it was common practice to let other staff in through a secure door without an ID.
Megan wants to clone an ID badge for the company that she is performing a penetration test against. Which of the following types of badge can be cloned without even touching it?
A. Magstripe
B. Smartcard
C. RFID
D. CAC
RFID
RFID badges are wireless and can sometimes be cloned from distances up to a few feet away. Magstripe cards need to be read with a magnetic stripe reader, smartcards provide additional security that makes them difficult to clone, and CAC cards are the U.S. government’s smartcard implementation.
CAC
CAC stands for Common Access Card, which is the U.S. government’s implementation of a smartcard used for secure access to systems and facilities.
Allan wants to gain access to a target company’s premises but discovers that his original idea of jumping the fence probably isn’t practical. His new plan is to pretend to be a delivery person with a box that requires a personal signature from an employee. What technique is he using?
A. Authority
B. Pretexting
C. Social proof
D. Likeness
Pretexting
Allan is using a pretext to gain access to the organization. Claiming to be a delivery person who needs a specific signature may get him past the initial security for the organization. He is not claiming particular authority, providing social proof that others allow him in, or claiming he is similar to the security person or receptionist.