click below
click below
Normal Size Small Size show me how
Social Engineering
CompTIA+ topic quiz
Question | Answer |
---|---|
A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is commonly referred to as: | a. phishing |
Which of the following answers refer to smishing? (Select 2 answers) | a. Social engineering technique d. Text messaging |
The practice of using a telephone system to manipulate user into disclosing confidential information is known as: | c. Vishing |
Which of the following terms is commonly used to describe an unsolicited advertising message? | d. spam |
What type of spam relies on text-based communication? | b. spim |
Phishing scams targeting a specific group of people are referred to as: | b. spear phishing |
In computer security, the term "Dumpster diving" is used to describe a practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about... | a. true |
A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as: | c. shoulder surfing |
Which of the following answers refer to the characteristic features of pharming? (Select 3 answers) | b. traffic redirection c. fraudulent website e. credential harvesting |
what is tailgating? | c. gaining unauthorized access to restricted areas by following another person |
In social engineering, the term "Elicitation" describes the use of casual conversation to extract non-public information from people without giving them the feeling they are being interrogated. | a. true |
Bracketing | Providing a high and low estimate in order to entice a more specific number |
Confidential bait | Pretending to divulge confidential information in hopes of receiving confidential information in return |
Deliberate false statements | Saying something wrong in the hopes that the person will correct the statement with true information |
Feigned ignorance | Pretending to be ignorant of a topic in order to exploit the person’s tendency to educate |
Denial of the obvious | Saying something wrong in the hopes that the person will correct the statement with true information |
Flattery | Using praise to coax a person into providing information |
Phishing scams targeting people holding high positions in an organization or business are known as: | c. whaling |
Which of the following is used in data URL phishing? | a. prepending |
An email message containing a warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others would be an example of: | c. virus hoax |
Which social engineering attack relies on identity theft? | a. impersonation |
Which of the terms listed below refers to a platform used for watering hole attacks? | b. websites |
The term "URL hijacking" (a.k.a. "Typosquatting") refers to a practice of registering misspelled domain name closely resembling other well established and popular domain name in hopes of getting Internet traffic from users who... | a. true |
An attacker impersonates a company's managing staff member to manipulate a lower rank employee into disclosing confidential data... Which social engineering principles apply to this attack scenario? (Select 3 answers) | a. urgency c. authority e. intimidation |
An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software... Which social engineering principles apply to this attack scenario? (Select 3 answers) | d. scarcity e. familiarity f. trust |
While conducting a web research that would help in making a better purchasing decision, a user visits series of Facebook pages and blogs containing fake reviews and testimonials in... Which social engineering principle applies to this attack scenario? | c. consensus |