13.2 Social Engineering

What is the primary countermeasure to social engineering?

Awareness

Which of the following are examples of social engineering? (select two)

Shoulder surfing
Dumpster diving

How can an organization help prevent social engineering attacks? (select two)

Educate employees on the risks and countermeasures
Publish and enforce clearly written security policies

Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email.

What type of attack is this?

Phishing

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn’t know and he is asking for immediate clarification on several of the project’s details so the project can get back on schedule.

Which type of attack best describes the scenario?

Whaling

Which of the following is a common form of social engineering attack?

Hoax virus information e-mails

Which of the following is not a form of social engineering?

Impersonating a user by logging on with stolen credentials

You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service.

What should you do?

Verify that the email was sent by the administrator and that this new service is legitimate

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom."

What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist

Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?

Establish and enforce a document destruction policy

What is the primary difference between impersonation and masquerading?

One is more active, the other is more passive

An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information

Phishing

An attacker gathers personal information about the target individual, who is a CEO

Whaling

An attacker gathers personal information about the target individual in an organization

Spear phishing

An attacker searches through an organization's sensitive information

Dumpster diving

An attacker enters a secured building by following an authorized employee through a secure door

Piggybacking

An attacker uses a telephone to convince target individuals to reveal their credit card information

Vishing
