Human Element Security

Question 1

Why are humans considered the “weakest link” in cybersecurity?

Answer 1

Because they can be tricked or manipulated into revealing sensitive information.

Question 2

What is social engineering?

Answer 2

The psychological manipulation of people to gain access to information or systems.

Question 3

What is HUMINT (Human Intelligence)?

Answer 3

Intelligence gathered by talking to people rather than using technical methods.

Question 4

What is OSINT (Open-Source Intelligence)?

Answer 4

Intelligence gathered from publicly available sources like social media, job postings, and public records.

Question 5

What is Google Dorking?

Answer 5

A search technique that uses advanced Google search operators to find exposed data.

Question 6

What is pretexting?

Answer 6

An attacker creates a false scenario to trick a victim into revealing sensitive information.

Example: A scammer pretends to be tech support and asks for login credentials.

Question 7

What is phishing?

Answer 7

A fraudulent email, text, or call designed to trick users into providing information or downloading malware.

Question 8

What is tailgating (piggybacking)?

Answer 8

When an attacker follows an authorized person into a restricted area without credentials.

Question 9

What are three best practices for password security?

Answer 9

Use strong, unique passwords for each account.
Store passwords in a password manager.
Enable Multi-Factor Authentication (MFA).

Question 10

How can employees recognize phishing emails?

Answer 10

Look for misspellings & unusual requests.
Check the sender’s email address.
Hover over links before clicking.

Question 11

Why should employees avoid public WiFi for work?

Answer 11

Public WiFi lacks encryption, allowing attackers to intercept data.

Question 12

What is a Clean Desk Policy?

Answer 12

A policy requiring employees to secure sensitive documents and lock computers when leaving their desks.