Matt Walker Chapter 12 Flashcards
- 1.An attacker creates a fake ID badge and waits next to an entry door to a secured facility. An authorized user swipes a key card and opens the door. The attacker follows the user inside. Which social engineering attack is in play here?
A. Piggybacking
B. Tailgating
C. Phishing
D. Shoulder surfing
1.B. Tailgating
In tailgating, the attacker holds a fake entry badge of some sort and follows an authorized user inside.
- 2.An attacker has physical access to a building and wants to attain access credentials to the network using nontechnical means. Which of the following social engineering attacks is the best option?
A. Tailgating
B. Piggybacking
C. Shoulder surfing
D. Sniffing
2.C. Shoulder surfing
Because he is already inside (thus rendering tailgating and piggybacking pointless), the attacker could employ shoulder surfing to gain the access credentials of a user.
- 3.Bob decides to employ social engineering during part of his pen test. He sends an unsolicited e-mail to several users on the network advising them of potential network problems and provides a phone number to call. Later that day, Bob performs a DoS on a network segment and then receives phone calls from users asking for assistance. Which social engineering practice is in play here?
A. Phishing
B. Impersonation
C. Technical support
D. Reverse social engineering
3.D. Reverse social engineering
Reverse social engineering occurs when the attacker uses marketing, sabotage, and support to gain access credentials and other information.
- 4.Phishing, pop-ups, and IRC channel use are all examples of which type of social engineering attack?
A. Human based
B. Computer based
C. Technical
D. Physical
4.B. Computer based
Computer-based social engineering attacks include any measures using computers and technology.
- 5.An attacker performs a whois search against a target organization and discovers the technical point of contact (POC) and site ownership e-mail addresses. He then crafts an e-mail to the owner from the technical POC, with instructions to click a link to see web statistics for the site. Instead, the link goes to a fake site where credentials are stolen. Which attack has taken place?
A. Phishing
B. Man in the middle
C. Spear phishing
D. Human based
5.C. Spear phishing
Spear phishing occurs when the e-mail is being sent to a specific audience, even if that audience is one person. In this example, the attacker used recon information to craft an e-mail designed to be more realistic to the intended victim and therefore more successful.
- 6.Which threat presents the highest risk to a target network or resource?
A. Script kiddies
B. Phishing
C. A disgruntled employee
D. A white-hat attacker
6.C. A disgruntled employee
Everyone recognizes insider threats as the worst type of threat, and a disgruntled employee on the inside is the single biggest threat for security professionals to plan for and deal with.
- 7.Which of the following is not a method used to control or mitigate against static electricity in a computer room?
A. Positive pressure
B. Proper electrical grounding
C. Anti-static wrist straps
D. A humidity control system
7.A. Positive pressure
Positive pressure will do wonderful things to keep dust and other contaminants out of the room, but on its own it does nothing against static electricity.
- 8.Phishing e-mail attacks have caused severe harm to a company. The security office decides to provide training to all users in phishing prevention. Which of the following are true statements regarding identification of phishing attempts? (Choose all that apply.)
A. Ensure e-mail is from a trusted, legitimate e-mail address source.
B. Verify spelling and grammar are correct.
C. Verify all links before clicking them.
D. Ensure the last line includes a known salutation and copyright entry (if required).
8.A, B, C.
A. Ensure e-mail is from a trusted, legitimate e-mail address source.
B. Verify spelling and grammar are correct.
C. Verify all links before clicking them.
Phishing e-mails can be spotted by who they are from, who they are addressed to, spelling and grammar errors, and unknown or malicious embedded links.
- 9.Lighting, locks, fences, and guards are all examples of __________ measures within physical security.
A. physical
B. technical
C. operational
D. exterior
9.A. physical
Physical security controls fall into three categories: physical, technical, and operational. Physical measures include lighting, fences, and guards.
- 10.A man receives a text message on his phone purporting to be from Technical Services. The text advises of a security breach and provides a web link and phone number to follow up on. When the man calls the number, he turns over sensitive information. Which social engineering attack was this?
A. Phishing
B. Vishing
C. Smishing
D. Man in the middle
10.C. Smishing
The term smishing refers to the use of text messages to socially engineer mobile device users. By definition it is a mobile-based social engineering attack. As an aside, it also sounds like something a five-year-old would say about killing a bug.
- 11.Background checks on employees, risk assessments on devices, and policies regarding key management and storage are examples of __________ measures within physical security.
A. physical
B. technical
C. operational
D. None of the above
11.C. operational
Operational measures are the policies and procedures you set up to enforce a security-minded operation.
- 12.Your organization installs mantraps in the entranceway. Which of the following attacks is it attempting to protect against?
A. Shoulder surfing
B. Tailgating
C. Dumpster diving
D. Eavesdropping
12.B. Tailgating
Mantraps are specifically designed to prevent tailgating.