Section 3.2 Flashcards
One of the most important skills a hacker can have.
Social Engineering
It is the art of convincing people that you are worthy of knowing information and you have the ability to convince someone you are who you say you are.
Social Engineering
Two techniques to gain information
1.
2.
- Shoulder surfing
2. Dumpster diving
Looking over someone’s shoulder and watching what they are doing. Watch and see where their fingers go when typing a password. You have to know how to not get caught.
Shoulder Surfing
Phone phreaker love to look outside of phone companies in the what?
Dumpster
Unless you are trespassing on someone’s land you are allowed to dumpster dive. When the trash is taken to the curb anyone can go through it. True or False
True
He went into blockbuster and pretended he was from corporate and trying to fix their problem. They tell him their isn’t a problem and he gives them his card and then goes home and creates the problem . They call him and he goes back to “fix” the problem and gets the users username and password and then he goes through user records and all their information. Who did this?
Kevin Mitnick
You create a fake situation in order to advance some agenda.
Pretexting
Way to get through physical security. Example: if you walk right behind someone the human instinct is to hold the door. This is known as what?
Tailgating
Get a heavy box and act like you cannot get into your pocket to get your card swipe out. This is known as what?
Tailgating from the front
Any time you find something wrong with a system.
Vulnerabilities
SQL injection is a what?
Vulnerability
Zero-day vulnerability is something that no one knows about yet but you. There are trophies of the zero-day vulnerabilities.
Exploits
Downloaded or hacked software can be referred to the exploits that people code and give it to my buddies.
“Warez”
People who are expected to be there.
Internal hackers
Everyone else on the network that is not expected to be there?
External hackers
IF you work at the bank and attack the bank.
Internal hacker
IF you don’t work at the bank and you attack the bank
External hacker
Most attacks are internal or external?
Internal