Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CEH > Social engineering > Flashcards

Social engineering Flashcards

1
Q

Define Social engineering

A

Art of convincing people to reveal confidential information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Steps of social engineering

A

Research - Gather info on target org
Select target - Choose indiv target
build Relationship - Earn target trust
Exploit - Extract information from target

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the term for Stealing someone’s information to pose as that person?

A

Identity theft

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What foss tool can perform credential harvesting and attacks like website attack vectors, mass mailer attack, sms spoofing, QRCode generator, WAP attack…

A

Social-Engineer Toolkit (SET)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the term for pretending to be someone else to learn needed information

A

Impersonation aka masquerading

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the term for secretly listening to other peoples communication without consent.

A

Eavesdropping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the term for observing victims when they’re using devices such as ATMs, computers, kiosks…

A

Shoulder surfing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the term for collecting information from the target’s trash bins

A

Dumpster diving

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the method that is initiated by the victim that’s tricked into contacting the attacker herself where an attacker poses as an authority figure usually by creating a problem then offering a solution.

A

Reverse social engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the term for convincing authorized personnel to let attacker into a secured area which differs from tailgating as it includes consent of the personal.

A

Piggybacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Gaining access to restricted areas by following another person where the countermeasure is using man traps as because they only allow single person at a time.

A

Tailgating

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Use of the telephone to perform the attack (voice and phishing)

A

Vishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Attack where the attacker sends a link to a malicious website to collect information.

E.g. someone calls, asks to fill a form, and says it’s a company survey and it’ll help company a lot.

A

Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A very targeted attack on a high value victim called “Whale” (big fish).
Usually targets high-level executives

A

Whaling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Using specialized phishing content for a specific person or group of people.
Generate higher response rate as it’s more personalized

A

Spear Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Redirect a website’s traffic to a malicious one through DNS poisoning, host file modification, etc.

A

Pharming

17
Q

Name 2 Anti-phishing tools

A

Netcraft: maintains malicious site blacklists against phishing

PhishTank: website containing phishing websites

18
Q

Sending malicious links through SMS messages and urge their targets to act

A

SMShishing or smishing

19
Q
A

CEH (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions