Social Engineering Techniques and Countermeasures Flashcards
John, a threat actor, called Johana, an IT help desk member of the targeted organization, and informed her that Mr. Tibiyani was about to give a presentation to customers but could not open his files because they were corrupted, and that Mr. Tibiyani had asked him to call and request that she send the files to him as soon as possible so the presentation could start. Identify the social engineering context created by the attacker in the above scenario.
Intimidation: By merely appearing to be busy and upset, the attacker already becomes intimidating to a target. Also, by talking in an authoritative tone, the social engineer intimidates the target.
Don, a professional hacker, telephoned Bob and claimed to be a network administrator in the target organization. Don informed Bob about a security incident in the network and asked him to provide his account credentials to secure his data. After obtaining these credentials, Don retrieved sensitive information from Bob’s account. Which of the following vulnerable behaviors was showcased by Don in the above scenario?
Authority: Authority implies the right to exercise power in an organization. Attackers take advantage of this by presenting themselves as a person of authority, such as a technician or an executive, in a target organization to steal important data.
In which of the following social engineering attacks do attackers install small cameras to record the victim’s system’s actions to obtain login details and other sensitive information?
Shoulder Surfing: Attackers use shoulder surfing to find out passwords, personal identification numbers, account numbers, and other information. They sometimes even use binoculars and other optical devices or install small cameras to record the actions performed on the victim’s system to obtain login details and other sensitive information.
In which of the following attacks does an attacker send an email or message to the target offering free gifts such as money and software, on the condition that the user forwards the email to a predetermined number of recipients?
Chain letters: Email chain letters can be scams, and they can contain viruses.
Identify the type of insiders who are uneducated on the latest potential security threats or simply bypass general security procedures to achieve workplace efficiency.
Negligent Insider: Insiders who are uneducated on potential security threats or simply bypass general security procedures to meet workplace efficiency are more vulnerable to social engineering attacks. Many insider attacks result from employees' laxity towards security measures, policies, and practices.
Dennis, an employee experiencing conflict with the management of an organization, uses steganography programs to hide company secrets. He sends this information to competitors, for certain financial benefits, as an innocuous-looking message embedding company secrets in a picture via his official email account.
Identify the type of insider attack performed by Dennis in the above scenario.
Disgruntled Employees: Attacks may come from unhappy employees or contract workers. Disgruntled employees, who intend to take revenge on the company, first acquire information and then wait for the right time to compromise the organization’s resources.
Which of the following password policies can help administrators increase password security?
Block user accounts if a user exceeds a certain number of failed attempts
Identify the default authentication method in Microsoft operating systems that uses secret-key cryptography for validating identities.
Kerberos is a network authentication protocol that provides strong authentication for client/server applications through secret-key cryptography. This protocol provides mutual authentication, in that both the server and the user verify each other’s identity. Messages sent through the Kerberos protocol are protected against replay attacks and eavesdropping.
Which of the following techniques involves gaining information by listening to someone’s conversation or reading private messages being shared between them?
Eavesdropping: Purposely overhearing confidential conversations between employees to gather sensitive information that might help launch an attack on the organization.
Messy, an ex-employee of an organization, was fired because of misuse of resources and security violations. He sought revenge against the company and targeted its network, as he is already aware of its network topology. Which of the following categories of insiders does Messy belong to?
Malicious Insider: Malicious insider threats come from disgruntled or terminated employees who steal data or destroy company networks intentionally by injecting malware into the corporate network.