Module 9 - Social Engineering Flashcards
The art of convincing people to reveal confidential information.
a. Dumpster Diving
b. Eavesdropping
c. Social Engineering
d. Shoulder Surfing
c. Social Engineering
Social Engineering Techniques:
- Unauthorized listening of conversations, or reading of messages.
- Interception of audio, video, or written communication.
- It can be done using communication channels such as telephone lines, email, instant messaging, etc.
a. Dumpster Diving
b. Eavesdropping
c. Social Engineering
d. Shoulder Surfing
b. Eavesdropping
Social Engineering Techniques:
- Uses direct observation techniques such as looking over someone’s shoulder to get information such as passwords, PINs, account numbers, etc.
- Can also be done from a longer distance with the aid of vision enhancing devices such as binoculars that are equipped with the capability of obtaining long distance information.
a. Dumpster Diving
b. Eavesdropping
c. Social Engineering
d. Shoulder Surfing
d. Shoulding Surfing
Social Engineering Techniques:
- Is looking for treasure in someone else’s trash.
- It involves collection of phone bills, contact information, financial information, operations related information, etc. from the target company’s trash bins, printer trash bins, user desk for sticky notes, etc.
a. Dumpster Diving
b. Eavesdropping
c. Social Engineering
d. Shoulder Surfing
a. Dumpster Diving
Social Engineering Techniques:
- An authorized person allows (intentionally or unintentionally) an unauthorized person to pass through a secure door.
- “I forgot my badge at home, can you help me.”
a. Piggybacking
b. Tailgating
a. Piggybacking
Social Engineering Techniques:
- An unauthorized person enters a secured area by closely following an authorized person through a door requiring key access.
a. Piggybacking
b. Tailgating
b. Tailgating
Social Engineering Techniques:
Is a practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempts to acquire a user’s personal or account information.
a. Pharming
b. Whaling
c. Spear Phishing
d. Phishing
d. Phishing
Social Engineering Techniques:
An attacker targets high profile executives like CEO, CFO, politicians and celebrities who have complete access to confidential and highly valuable information.
a. Pharming
b. Whaling
c. Spear Phishing
d. Phishing
b. Whaling
Social Engineering Techniques:
- A targeted phishing attack aimed at specific individuals within an organization.
- Attackers use this attack to send a message with specialized, social engineering content directed at a specific person, or a small group of people.
a. Pharming
b. Whaling
c. Spear Phishing
d. Phishing
c. Spear Phishing
Social Engineering Techniques:
- Attacker redirects the web traffic to a fraudulent website by installing malicious program on a personal computer or server.
- AKA: DNS Cache Poisoning
a. Pharming
b. Whaling
c. Spear Phishing
d. Phishing
a. Pharming
_____ ____ occurs when someone steals your personally identifiable information for fraudulent purposes.
Identity Theft
Countermeasures:
What are the correct examples of 2 Factor & Multifactor Authentication?
a. Username
b. CAC & PIN
c. Password
d. Fingerprint Scan (Biometric)
e. Username/Password & Biometric
f. CAC/PIN & Biometric
b. CAC & PIC
e. Username/Password & Biometric
f. CAC/PIN & Biometric
