Security + Social Engineering Flashcards

1
Q

Privilege escalation

A

technique that allows an attacker to gain higher-level access to a system or network than they originally had.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Shoulder surfing

A

technique used in cyber security to steal personal information by looking over a victim's shoulder.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Phishing

A

when attackers send scam emails (or text messages) that contain links to malicious websites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Spear phishing

A

tactic that involves sending emails to specific people or departments within an organization, appearing to come from a trusted source,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

smishing

A

uses **fake mobile text messages **to trick people into *downloading malware*,

sharing sensitive information or sending money to cybercriminals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Vishing

A

uses the PHONE to trick people into sharing sensitive information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Pharming

A

redirects a user’s traffic to a fake website without their knowledge or consent.

The goal is to steal sensitive information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Whaling

A

targets high-ranking executives or other people with significant authority in an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

SPIM

A

Spam over Instant Messaging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

SPIT (Spam over Internet Telephony)

A

fills a voicemail box with bogus voicemails.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Tailgating

A

occurs when an **unauthorized person ** gains access to a secure area by following someone who has legitimate credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Virus hoax

A

The **message is forwarded **to you by a friend or colleague. The message usually does not contain an attachment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Watering hole attack

A

targets a group of users by infecting websites they frequently visit.

The goal is to infect the target’s computer with malware

2019 Holy Water Campaign

In 2019, a watering-hole attack, called Holy Water Campaign, targeted Asian religious and charity groups. Victims were prompted to update Adobe Flash which triggered the attack. It was creative and distinct due to its fast evolution. The motive remains unclear.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Dumpster diving

A

the act of extracting information from discarded physical or digital waste

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Impersonation

A

where an adversary pretends to be a **trusted person **or organization to gain access to sensitive resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly