Ethical Hacking 10 Flashcards

1
Q

Which method of preventing an insider threat involves the completion of tasks allotted to different employees at different times?

A

Rotation of duties

2
Q

In which social engineering technique does an unauthorized person convince an authorized person to allow him or her into a secured area?

A

Piggybacking

3
Q

Which of the following statements is NOT true regarding effective measures to defend against social engineering attacks?

A

A good security policy can prevent people from being socially engineered.

4
Q

What software will provide some protection against well-known phishing websites?

A

Netcraft toolbar

5
Q

What statement represents an effective means of countering a persuasion-based social engineering attack?

A

Employees should be trained on the basic security policies and procedures of the organization.

6
Q

When an attacker sends an e-mail or provides a link falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information, the attacker is using which feature or technique?

A

Phishing

7
Q

You are attempting to gather information about a client’s network, and are surveying a company site. Access is gained via secured entry using ID cards. You observe several employees on a smoke break near one of the secured entrances. Once they are finished, you casually follow them in after they’ve unlocked the entry point with an ID card. What type of social engineering attack has occurred?

A

tailgating

8
Q

Which of the following is a technique in which an attacker sends an e-mail or provides a link falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information?

A

Phishing

9
Q

What kind of social engineering attack involves an unauthorized person who convinced an authorized person to allow him or her into secured areas?

A

piggybacking attack

10
Q

What type of social engineering involves the behavioral trait that compels someone to do what everyone else is doing?

A

social validation

11
Q

Which type of social engineering threat is accomplished through the use of intimidation, persuasion, ingratiation, or assistance?

A

Personal Approaches

12
Q

Which of the following is NOT one of the four phases of the social engineering lifecycle?

A

Social validation

13
Q

What term is given to the authorization assigned to users or groups of users for their ability to read and write computer data and devices?

A

Access privileges

14
Q

What information could be used to steal a target’s identity once identified?

A

a telephone bill

a water bill

15
Q

Which type of attack uses the phone system?

A

phreaking

16
Q

whiced legitimate, but in reality, was designed to appear exactly like your company’s corporate Internet login page. What type of attack is this?

A

phishing

17
Q

What is the first phase of the social engineering cycle?

A

information gathering

18
Q

A client is developing a security policy for their network and has asked you how they should defend against intimidation attacks. What response provides the best approach to this kind of specific attack?

A

The policy should outline how employees will escalate intimidation attempts to higher management.

19
Q

Which human-based social engineering technique involves an attacker masquerading as a hardware vendor?

A

Posing as Technical Support

20
Q

Which of the following should NOT be included in an effective password policy?

A

At least one other person should know a user’s password

21
Q

What are the costs for a business when a user is tricked into downloading malware?

A

Business credibility, Business availability

22
Q

Measures that must be taken to prevent the misuse of sensitive data would be part of which social engineering countermeasure?

A

Operational Guidelines

23
Q

What social engineering technique includes interception of any form of communication, including audio, video, or written?

A

Eavesdropping