Social Engineering and other Foes

Question 1

As part of your training program, you’re trying to educate users on the importance of security.

You explain to them that not every attack depends on implementing advanced technological methods. Some attacks take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type?

Social engineering

IDS system

Perimeter security

Answer 1

Social engineering

Social engineering attacks take advantage of our inherent trust as human beings, as opposed to technology, to gain access to your environment

Question 2

Which of the following is another name for social engineering?

Social disguise

Social hacking

Wetware

Answer 2

Wetware

Wetware is another name for social engineering

Question 3

Which of the following is the best description of tailgating?

Following someone through a door they just unlocked

Figuring out how to unlock a secured area

Sitting close to someone in a meeting

Answer 3

Following someone through a door they just unlocked

Tailgating is best defined as following someone through a door they just unlocked

Question 4

What is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request?

Hoaxing

Spamming

Phishing

Answer 4

Phishing

Phishing is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request

Question 5

When you combine phishing with Voice over IP, it is known as:

Spooning

Whaling

Vishing

Answer 5

Vishing

Vishing involves combining phishing with Voice over IP

Question 6

Which of the following is the best description of shoulder surfing?

Following someone through a door they just unlocked

Figuring out how to unlock a secured area

Watching someone enter important information

Answer 6

Watching someone enter important information

Shoulder surfing is best defined as watching someone enter important information

Question 7

Which of the following is an intermediate access control mechanism used in a high-security installation that requires visual identification, as well as authentication, to gain access?

Mantrap

Fencing

Proximity reader

Answer 7

Mantrap

High-security installations use a type of intermediate access control mechanism called a mantrap. Mantraps require visual identification, as well as authentication, to gain access. A mantrap makes it difficult for a facility to be accessed by a large number of individuals at once because it allows only one or two people into a facility at a time

Question 8

You’ve been drafted for the safety committee. One of your first tasks is to inventory all the fire extinguishers and make certain that the correct types are in the correct locations throughout the building. Which of the following categories of fire extinguisher is intended for use on electrical fires?

Type A

Type B

Type C

Answer 8

Type C

Type C fire extinguishers are intended for use in electrical fires

Question 9

Which of the following will not reduce EMI?

Physical shielding

Humidity control

Overhauling worn motors

Answer 9

Humidity control

Electrical devices, such as motors, that generate magnetic fields cause EMI. Humidity control does not address EMI

Question 10

Which of the following is the best example of perimeter security?

Chain link fence

Video camera

Elevator

Answer 10

Chain link fence

Perimeter security involves creating a perimeter or outer boundary for a physical space. Video surveillance systems wouldn’t be considered a part of perimeter security, but they can be used to enhance physical security monitoring

Question 11

You’re the leader of the security committee at ACME Company. After a move to a new facility, you’re installing a new security monitoring system throughout. Which of the following categories best describes a motion detector mounted in the corner of a hallway?

Perimeter security

Partitioning

Security zone

Answer 11

Security zone

A security zone is an area that is a smaller component of the entire facility. Security zones allow intrusions to be detected in specific parts of the building

Question 12

Which technology uses a physical characteristic to establish identity?

Biometrics

Surveillance

Smart card

Answer 12

Biometrics

Biometrics is a technology that uses personal characteristics, such as a retinal pattern or fingerprint, to establish identity

Question 13

The process of reducing or eliminating susceptibility to outside interference is called what?

Shielding

EMI

TEMPEST

Answer 13

Shielding

Shielding keeps external electronic signals from disrupting operations

Question 14

You work for an electronics company that has just created a device that emits less RF than any competitor’s product. Given the enormous importance of this invention and of the marketing benefits it could offer, you want to have the product certified. Which certification is used to indicate minimal electronic emissions?

RFI

CC EAL 4

TEMPEST

Answer 14

TEMPEST

TEMPEST is the certification given to electronic devices that emit minimal RF. The TEMPEST certification is difficult to acquire, and it significantly increases the cost of systems

Question 15

Due to growth beyond current capacity, a new server room is being built. As a manager, you want to make certain that all the necessary safety elements exist in the room when it’s finished. Which fire-suppression system works best when used in an enclosed area by displacing the air around a fire?

Gas-based

Water-based

Fixed system

Answer 15

Gas-based

Gas-based systems work by displacing the air around a fire. This eliminates one of the three necessary components of a fire: oxygen

Question 16

Type K fire extinguishers are intended for use on cooking oil fires. This type is a subset of which other type of fire extinguisher?

Type A

Type B

Type C

Answer 16

Type B

Type K fire extinguishers are a subset of Type B fire extinguishers

Question 17

Proximity readers work with which of the following? (Choose all that apply.)

15. 75 fob card
16. 32 surveillance card
17. 56 MHZ smart card

125 kHz proximity card

Answer 17

13.56 MHZ smart card

125 kHz proximity card

Proximity readers work with 13.56 MHz smart cards and 125 kHz proximity cards

Question 18

In a hot and cold aisle system, what is the typical method of handling cold air?

It is pumped in from below raised floor tiles.

It is pumped in from above through the ceiling tiles.

Only hot air is extracted, and cold air is the natural result.

Answer 18

It is pumped in from below raised floor tiles.

With hot and cold aisles, cold air is pumped in from below raised floor tiles

Question 19

If RF levels become too high, it can cause the receivers in wireless units to become deaf. This process is called:

Clipping

Desensitizing

Distorting

Answer 19

Desensitizing

If RF levels become too high, it can cause the receivers in wireless units to become deaf, and it is known as desensitizing. This occurs because of the volume of RF energy present

Question 20

RFI is the byproduct of electrical processes, similar to EMI. The major difference is that RFI is usually projected across which of the following?

Network medium

Electrical wiring

Radio spectrum

Answer 20

Radio spectrum

RFI is the byproduct of electrical processes, similar to EMI. The major difference is that RFI is usually projected across a radio spectrum. Motors with defective brushes can generate RFI, as can a number of other devices