Security+ Chapter 4
Security+ Chapter 4 Review Questions
Question | Answer |
---|---|
Name all seven key social engineering principles that the Security+ exam focuses on. | Authority, intimidation, consensus, scarcity, familiarity, trust, and urgency |
Name at least five social engineering techniques mentioned in the book. | Phishing, credential harvesting, website attacks, spam, in-person techniques, identity fraud and impersonation, and reconnaissance |
What is phishing? | Phishing is a broad term used to describe the fraudulent acquisition of information, often focused on credentials like usernames and passwords, as well as sensitive personal information like credit card numbers and related data. |
What is credential harvesting? | Credential harvesting is the process of gathering credentials like usernames and passwords. |
What does shoulder surfing mean? | Shoulder surfing is the process of looking over a person’s shoulder to capture information like passwords or other data. |
What is tailgating? | Tailgating is a physical entry attack that requires simply following someone who has authorized access to an area so that as they open secured doors you can pass through as well. |
List all three definitions of prepending. | 1. Adding an expression or phrase to fool a user into thinking it has passed an anti-spam tool. 2. Adding information as part of another attack to manipulate the outcome. 3. Suggesting topics via a social engineering conversation to lead a target |
Name three password-related attacks. | Brute force attacks, password spraying attacks, and dictionary attacks |
Give some examples of physical attacks. | Malicious flash drive attacks, malicious USB cables, card cloning attacks, and supply chain attacks |