Social Engineering

Question 1

An unauthorized practice of obtaining confidential information by manipulating people into disclosing sensitive data is referred to as:

Answer 1

Social engineering

Question 2

A fraudulent email requesting its recipient to reveal sensitive information (e.g. username and password) used later by an attacker for the purpose of identity theft is an example of: [2]

Answer 2

• Social engineering

- Phishing

Question 3

A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information they shouldn’t have access to is commonly referred to as:

Answer 3

Phishing

Question 4

Phishing scams targeting a specific group of people are referred to as:

Answer 4

Spear phishing

Question 5

Phishing scams targeting people holding high positions in an organization or business are known as:

Answer 5

Whaling

Question 6

Which social engineering attack relies on identity theft?

Answer 6

Impersonation

Question 7

A situation in which an unauthorized person can view someone’s display or keyboard to learn their password or other confidential information is referred to as:

Answer 7

Shoulder surfing

Question 8

What is tailgating?

Answer 8

Gaining unauthorized access to restricted areas by following another person

Question 9

What term is used to describe a practice of sifting through trash for discarded documents containing sensitive data?

Answer 9

Dumpster diving