Social Engineering Flashcards
By only visiting websites via a trusted search engine and landing on legitimate pages you avoid drive by downloads entirely.
True
False
False
Spear phishing can be differentiated from other types of phishing by their use of the latest news sources to create a believable story.
True
False
False
Which DDoS attack spoofs the source address of a broadcast ping packet to overwhelm the victim with ping replies?
ICMP Flood
Smurf Attack
Ping of Death
None of the above
Smurf Attack
What is the distiguishing feature of a pretexting attack?
An excuse is devised in advance in case the attacker is caught trespassing.
A text message is sent beforehand in an attempt to legitimize the attacker’s visitors.
A story is devised to cast legitimacy and garnish cooperation during the interaction with the victim.
A story is devised to cast legitimacy and garnish cooperation during the interaction with the victim.
Which of the following is an attack involving leaving infected data storage devices near areas victims will cross, in hopes they will plug them into systems with valuable information?
Avenue Avocado
Court Pear
Road Apple
Highway Banana
Road Apple
Which measure(s) could be used to stop a DDoS attack against your device?
Install an anti-virus
Make use of an Intrusion Prevention System
Make your device drop all ICMP packets
All of the above.
Make your device drop all ICMP packets
What are ways to help prevent pretexting attacks?
Implement identity verification congruent with the security level being sought.
Contact the inquisitor’s company by looking them up, and not a number given by the inquisitor.
Calling your supervisor if unsure of how to proceed.
All of the above.
All of the above.
Drive by downloads can occur even on legitimate websites without the hosting party’s knowledge.
True
False
True
Which of the following is an indicator that a received e-mail may be a Phishing attempt?
No introduction or signature blocks in an e-mail.
A claim that there’s a problem with your account and a link to a website.
A power failure occurs shortly after opening an e-mail.
None of the above.
A claim that there’s a problem with your account and a link to a website.
How can you help prevent drive by downloads?
Use an out of date browser to trick attackers targeting newer software.
Only use your admin account for program installations.
Use your admin account at all times so anti-virus scans run with the highest privilege.
Input IP addresses directly into the URL bar, avoiding compromised DNS servers.
None of the above.
Input IP addresses directly into the URL bar, avoiding compromised DNS servers.
Which of the following measures is least likely to help against infected removable storage devices?
Disable Autoplay.
Have an approved software list.
Enforce anti-virus use.
Mandate periodic awareness training.
Have an approved software list.
Which of the following would not help preventing Phishing attempts?
Forwarding a suspected e-mail to a colleague to see what he thinks.
Protecting of accounts by using multi-factor authentication.
Utilizing security software, such as an anti-virus.
Forwarding suspected e-mails to the Anti-Phishing Working Group
Forwarding a suspected e-mail to a colleague to see what he thinks.
What do Drive-by downloads take advantage of:
Insecure applications
Outdated applications
Vulnerable operating systems
All of the above
All of the above
What can you do to minimize the chances of being a target of spear phishing?
Keep up with the latest news publications.
Minimize personal information you share online.
Get on a first name basis with your local Network Enterprise Center technicians.
None of the above
Minimize personal information you share online.
Drive-by downloads require users to interact with the page in order for malicious code to download.
True
False
False