Social Engineering Flashcards

1
Q

what is social Engineering

A
  • a way of gaining sensitive information or illegal access to networks
  • by influencing people, usually the employees of large companies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are the two main types of social Engineering

A
  • over the phone

- phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

how does social Engineering take place over the telephone

A
  • someone rings an employee of a company
  • pretending to be a network administrator or somebody else within the organisation
  • they gain the employees trust and persuade them to disclose confidential information
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what is phishing

A
  • when criminals send emails or texts to people claiming they are from a well-known by business
  • the email contain spoof versions of the company’s site
  • they request that thef user update their personal information
  • when they do they hand it to the criminals
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

how do we protect ourselves from phishers

A
  • many email programs, browsers and firewalls have anti-phishing features
  • they reduce the number of phishing emails received
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what are sql injections

A
  • pieces of sql types into a websites input box

- which then reveals sensitive informsation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

how do sql injections work

A
  • a website may allow you to view your account information as long as you enter your password into an input box
  • if a websites sql code does not have strong enough input validation
  • someone may be able to enter a piece of sql code which allows them to access other peoples account information as well as their own
How well did you know this?
1
Not at all
2
3
4
5
Perfectly