Social Engineering PEs

Question 1

By only visiting websites via a trusted search engine and landing on legitimate pages you avoid drive by downloads entirely.

Answer 1

False

Question 2

Spear phishing can be differentiated from other types of phishing by their use of the latest news sources to create a believable story.

Answer 2

False Its identifying specific individuals

Question 3

Which DDoS attack spoofs the source address of a broadcast ping packet to overwhelm the victim with ping replies?

Answer 3

ICMP Flood

Question 4

What is the distiguishing feature of a pretexting attack?

Answer 4

A story is devised to cast legitimacy and garnish cooperation during the interaction with the victim.

Question 5

Which of the following is an attack involving leaving infected data storage devices near areas victims will cross, in hopes they will plug them into systems with valuable information?

Answer 5

Road Apple

Question 6

Which measure(s) could be used to stop a DDoS attack against your device?

Answer 6

Make your device drop all ICMP packets

Question 7

What are ways to help prevent pretexting attacks?

• Implement identity verification congruent with the security level being sought.
• Contact the inquisitor’s company by looking them up, and not a number given by the inquisitor.
• Calling your supervisor if unsure of how to proceed.
• All of the above.

Answer 7

All of the above.

Question 8

What does the acronym DoS Stand for?

Answer 8

Denial of Service

Question 9

Drive by downloads can occur even on legitimate websites without the hosting party’s knowledge.

Answer 9

True

Question 10

Which of the following is an indicator that a received e-mail may be a Phishing attempt?

Answer 10

A claim that there’s a problem with your account and a link to a website.

Question 11

What does the acronym DDoS Stand for?

Answer 11

Distributed Denial of Service

Question 12

How can you help prevent drive by downloads?

Answer 12

Only use your admin account for program installations.

Question 13

Which of the following measures is least likely to help against infected removable storage devices?

Answer 13

Have an approved software list.

Question 14

Which of the following would not help preventing Phishing attempts?

Answer 14

Forwarding a suspected e-mail to a colleague to see what he thinks.

Question 15

What do Drive-by downloads take advantage of:

• Insecure applications
• Outdated applications
• Vulnerable operating systems
• All of the above

Answer 15

All of the above

Question 16

What can you do to minimize the chances of being a target of spear phishing?

Answer 16

Minimize personal information you share online.

Question 17

Drive-by downloads require users to interact with the page in order for malicious code to download.

Answer 17

False

Question 18

Which of the following is a type of DoS attack.

Answer 18

SYN Flood

Question 19

What is the defining feature of a Quid Pro Quo attack?

Answer 19

Something of perceived value is offered for whatever is being requested.