Threats attacks vulnerability

Question 1

Eliciting information

Answer 1

the act of drawing out or calling forth information or a response. It can be used in a variety of contexts, including social work, questioning, and social engineering.

Question 2

Prepending

Answer 2

the technique where malicious characters or code are added at the beginning of a legitimate file, string, or command

Question 3

Invoice scams

Answer 3

a type of phishing scam that involve sending an invoice or bill to an individual or company to request payment for goods or services

Question 4

Identity fraud

Answer 4

when someone tries to steal and use your personally identifiable information to defraud or harm you.

Question 5

Credential harvesting

Answer 5

is a cyberattack technique that involves stealing personal or financial data from users

Question 6

Reconnaissance

Answer 6

a critical phase in the cyber attack lifecycle where threat actors gather information about potential targets and vulnerabilities to help them find attack paths

Question 7

Hoax

Answer 7

take the form of false virus alerts (such as the “Good Times” hoax), chain letters, or attempts to spread false information about some issue (such as warnings that the Federal Government is about to tax e-mail).

Question 8

Impersonation

Answer 8

is an act of fraudulently or dishonestly making use of the electronic signature, password or any other unique identification feature of any other person.

Question 9

Hybrid warfare

Answer 9

combine military and non-military as well as covert and overt means, including disinformation, cyber attacks, economic pressure, deployment of irregular armed groups and use of regular forces.

Question 10

Authority

Answer 10

is the process of giving a user permission to access a resource, such as a document, application, website, or physical location

Question 11

Intimidation

Answer 11

when a social engineer attempts to intimidate a victim by trying to appear superior to the victim

Question 12

Consensus

Answer 12

when a social engineer convinces victims they can be trusted.

Question 13

Scarcity

Answer 13

a psychological manipulation technique that uses scarcity to create a false sense of urgency and make a victim feel they must act quickly

Question 14

Familiarity

Answer 14

when a social engineer attempts to use charisma or likeability to get a victim to complete a request

Question 14

Trust

Answer 14

the phrase used to describe the many actions involved when an individual or group engages in lying and using technology to manipulate trust relationships.

Question 15

Urgency

Answer 15

make victims act quickly without noticing suspicious signs.

Question 16

State actors

Answer 16

government-affiliated hackers or other groups that are funded or directed by a nation-state to conduct malicious cyber activities.

Question 17

Hacktivists

Answer 17

the use of cyber space to perform hacking activities to achieve social or political goals

Question 18

Criminal syndicates

Answer 18

Cybercriminal groups are made up of hackers, developers, and other tech professionals who work together to carry out large-scale online heists.

Question 19

Advanced persistent threat (APT)

Answer 19

a covert cyber attack on a computer network where the attacker gains and maintains unauthorized access to the targeted network and remains undetected for a significant period.

Question 19

Insider threats

Answer 19

a cyber security risk that originates from within an organization. It typically occurs when a current or former employee, contractor, vendor or partner with legitimate user credentials m