Social Engineering and other Foes Flashcards
As part of your training program, you’re trying to educate users on the importance of security.
You explain to them that not every attack depends on implementing advanced technological methods. Some attacks take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type?
Social engineering
IDS system
Perimeter security
Social engineering
Social engineering attacks take advantage of our inherent trust as human beings, as opposed to technology, to gain access to your environment
Which of the following is another name for social engineering?
Social disguise
Social hacking
Wetware
Wetware
Wetware is another name for social engineering
Which of the following is the best description of tailgating?
Following someone through a door they just unlocked
Figuring out how to unlock a secured area
Sitting close to someone in a meeting
Following someone through a door they just unlocked
Tailgating is best defined as following someone through a door they just unlocked
What is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request?
Hoaxing
Spamming
Phishing
Phishing
Phishing is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request
When you combine phishing with Voice over IP, it is known as:
Spooning
Whaling
Vishing
Vishing
Vishing involves combining phishing with Voice over IP
Which of the following is the best description of shoulder surfing?
Following someone through a door they just unlocked
Figuring out how to unlock a secured area
Watching someone enter important information
Watching someone enter important information
Shoulder surfing is best defined as watching someone enter important information
Which of the following is an intermediate access control mechanism used in a high-security installation that requires visual identification, as well as authentication, to gain access?
Mantrap
Fencing
Proximity reader
Mantrap
High-security installations use a type of intermediate access control mechanism called a mantrap. Mantraps require visual identification, as well as authentication, to gain access. A mantrap makes it difficult for a facility to be accessed by a large number of individuals at once because it allows only one or two people into a facility at a time
You’ve been drafted for the safety committee. One of your first tasks is to inventory all the fire extinguishers and make certain that the correct types are in the correct locations throughout the building. Which of the following categories of fire extinguisher is intended for use on electrical fires?
Type A
Type B
Type C
Type C
Type C fire extinguishers are intended for use in electrical fires
Which of the following will not reduce EMI?
Physical shielding
Humidity control
Overhauling worn motors
Humidity control
Electrical devices, such as motors, that generate magnetic fields cause EMI. Humidity control does not address EMI
Which of the following is the best example of perimeter security?
Chain link fence
Video camera
Elevator
Chain link fence
Perimeter security involves creating a perimeter or outer boundary for a physical space. Video surveillance systems wouldn’t be considered a part of perimeter security, but they can be used to enhance physical security monitoring
You’re the leader of the security committee at ACME Company. After a move to a new facility, you’re installing a new security monitoring system throughout. Which of the following categories best describes a motion detector mounted in the corner of a hallway?
Perimeter security
Partitioning
Security zone
Security zone
A security zone is an area that is a smaller component of the entire facility. Security zones allow intrusions to be detected in specific parts of the building
Which technology uses a physical characteristic to establish identity?
Biometrics
Surveillance
Smart card
Biometrics
Biometrics is a technology that uses personal characteristics, such as a retinal pattern or fingerprint, to establish identity
The process of reducing or eliminating susceptibility to outside interference is called what?
Shielding
EMI
TEMPEST
Shielding
Shielding keeps external electronic signals from disrupting operations
You work for an electronics company that has just created a device that emits less RF than any competitor’s product. Given the enormous importance of this invention and of the marketing benefits it could offer, you want to have the product certified. Which certification is used to indicate minimal electronic emissions?
RFI
CC EAL 4
TEMPEST
TEMPEST
TEMPEST is the certification given to electronic devices that emit minimal RF. The TEMPEST certification is difficult to acquire, and it significantly increases the cost of systems
Due to growth beyond current capacity, a new server room is being built. As a manager, you want to make certain that all the necessary safety elements exist in the room when it’s finished. Which fire-suppression system works best when used in an enclosed area by displacing the air around a fire?
Gas-based
Water-based
Fixed system
Gas-based
Gas-based systems work by displacing the air around a fire. This eliminates one of the three necessary components of a fire: oxygen