Section 27.259 Avoiding Social Engineering Flashcards

Objective 5.6 Given a scenario, you must be able to implement security awareness practices

1
Q

Social Engineering

A

Involves deception to manipulate individuals into breaching security procedures

■ Attacks exploit human psychology and often appear innocent

■ Awareness and vigilance serve as the first line of defense against social engineering attacks

2
Q

Maintaining Situational Awareness

Situational Awareness

A

Mindfulness about surroundings and actions

■ Essential to avoid social engineering attacks

3
Q

Maintaining Situational Awareness

Examples of social engineering threats

A

● Shoulder surfing
● Eavesdropping

4
Q

Maintaining Situational Awareness

Measures to counter threats

● Shoulder surfing
● Eavesdropping

A

● Privacy screen protectors

● Secure discussions

5
Q

Piggybacking and Tailgating

A

Social engineers may try to enter secured premises by closely following authorised personnel

■ Use access control vestibules to restrict entry to one person at a time

■ Maintain situational awareness to prevent unauthorised access

6
Q

Dumpster Diving

A

Attackers sift through garbage for discarded information

■ Employees with situational awareness can spot such activities

■ Dispose of sensitive data securely to avoid being a victim of this attack

7
Q

Operational Security (OPSEC)

A

Protects critical information from being used by adversaries

■ Safeguard sensitive data, daily routines, and internal procedures

■ Discourage sharing seemingly innocuous details on social media or during personal interactions

8
Q

Technological Social Engineering Attacks

A

Baiting attacks use removable media devices (e.g., USB thumb drives) and charging cables

■ Picking up or connecting found devices can infect workstations or networks with malware

■ Carry your own charging cables and chargers to avoid untrusted ones

9
Q

Pressure Tactics

A

Social engineers may use a sense of urgency or fear to manipulate individuals

■ Urgent requests aim to bypass normal security protocols

■ People are more likely to make mistakes when rushed into action

10
Q

Proactive Culture of Security

A

■ Train employees regardless of their position in the company

■ Educate on recognizing phishing attempts, data privacy, and safe online behavior

■ Encourage employees to report suspicious activities

■ Conduct practical exercises, like simulated phishing attacks, to test and remediate employees’ responses
