Pervasive Attack Surfaces and Controls

Question 1

What is Social Engineering?

Answer 1

An act of manipulating people to acquire sensitivie information.

Question 2

What is Phishing?

Answer 2

The act of sending a malicious email to a victim and trick them into taking action so the threat actor can further exploit the system.

Question 3

What is Spear Phishing?

Answer 3

The act of sending a malicious detailed email tailored to the victim to exploit them.

Question 4

What is Whaling?

Answer 4

A type of Spear Phishing that targets executive level individuals for larger financial gain.

Question 5

What is Vishing?

Answer 5

Voice Phishing is the act of manipulating an individual over a phone call

Question 6

What is the Smishing?

Answer 6

The act of using the Short Message System to send send fraudulent text messages to a victim.

Question 7

What is Business Email Compromise?

Answer 7

A BEC takes advantage of the common practice today by businesses and organizations of electronically making payments or transferring funds.

Question 8

What is Impersonation?

Answer 8

The act of pretending to be someone else in order extract information.

Question 9

What is Pretexting?

Answer 9

Obtaining sensitive information through Social Engineering.

Question 10

What is Redirection?

Answer 10

Threat Actors will build well known sites that are mispelled and rely on victim typos

Question 11

What is a Watering Hole Attack?

Answer 11

An attack directed toward a small group of specific individuals.