Social Engineering Flashcards

1
Q

Name examples of SE.

A

Posing as a fellow employee (easier in a large organization)
Posing as an employee of a vendor, partner company, or law enforcement
Posing as someone in authority
Posing as a new employee requesting help
Using insider lingo and terminology to gain trust

2
Q

What are the steps of the SE life cycle?

A

Research: attackers try to find out as much as possible beforehand from annual reports, brochures, web site, dumpster diving
Developing trust: use of insider information, misrepresenting identity, need for help or authority
Exploiting trust: ask victim for information or other form of help (or manipulate victim into asking for help)
Utilize information: if final goal not reached yet, go back to earlier steps

3
Q

What are warning signs of an SE attack?

A

Unusual request
Refusal to give callback number
Claim of authority
Stresses urgency
Threatens negative consequences in case of non-compliance
Shows discomfort when questioned or challenged
Name dropping
Compliments or flattery
Flirting
4
Q

How to stop SE attacks?

A

Have procedures in place for handling suspicious requests:
Make staff part of the security policy
Training of staff plays an important role
Explain why certain procedures are put in place (blind obedience doesn’t work)
Staff has to be trained to challenge authority when security is at stake
