Deception

Question 1

Social Engineering

what is Social Engineering

Answer 1

a non-technical strategy that attempts to manipulate individuals into performing certain actions or reveal confidential information.

Question 2

Social Engineering

social engineering exploits what? name 3

Answer 2

1. human nature
2. taking advantage of people’s willingness to help
   3.preying on their weaknesses, such as greed or vanity.

Question 3

Social Engineering

name 3 common types of social engineering attacks.

Answer 3

1. Pretexting
2. Something for something (quid pro quo)
   Identity fraud

Question 4

Social Engineering

what is Pretexting

Answer 4

when an individual lies to gain access to privileged data

EX: attacker pretends to need personal or financial data to confirm a pe

Question 5

Social Engineering

what is (quid pro quo)

Answer 5

Something for something

Question 6

Social Engineering

what is Something for something (quid pro quo)

Answer 6

a request for personal information in exchange for something

Question 7

Social Engineering

Identity fraud

Answer 7

use of a person’s stolen identity to obtain goods or services by deception.

Question 8

Social Engineering

Social Engineering Tactics name 7

Answer 8

1. authority
   2.intimidation
   3.consensus
   4.scarcity
   5.urgency
   6.familiarity
   7.trust

Question 9

Social Engineering

authority is?

Answer 9

instructed by someone they perceive as an authority figure.

Question 10

Social Engineering

intimidation is

Answer 10

bullying a victim into taking an action that compromises security.

Question 11

Social Engineering

consensus is?
Often called ‘social proof,

Answer 11

act in the same way as other people around them, thinking that something must be right if others are doing it.

Question 12

Social Engineering

scarcity is

Answer 12

to act when they think there is a limited quantity of something available.

Question 13

Social Engineering

urgency is

Answer 13

to act when they think there is a limited time to do so.

Question 14

Social Engineering

familiarity is

Answer 14

to do what another person asks if they like this person.

Question 15

Social Engineering

trust is

Answer 15

Building trust in a relationship with a victim it may require more time to establish.

Question 16

Social Engineering

Question 17

Shoulder Surfing and Dumpster Diving

what is Shoulder surfing

Answer 17

a simple attack that involves observing or looking over a target’s shoulder

Question 18

Shoulder Surfing and Dumpster Diving

what is dumpster diving

Answer 18

the process of going through a target’s trash to see what information has been thrown out.

Question 19

Impersonation and Hoaxes

Question 20

Impersonation and Hoaxes

Question 21

Impersonation and Hoaxes

Question 22

Impersonation and Hoaxes

what is Impersonation

Answer 22

act of tricking someon into doing something they would not ordinarily do, by pretending to be someone else.

Question 23

Impersonation and Hoaxes

what is Hoaxes

Answer 23

an act intended to deceive or trick someone

Question 24

hoaxes can cause just as much desruption as what?

Answer 24

security breach

Question 25

# Piggybacking and Tailgating what isPiggybacking or tailgating

Answer 25

when a criminal follows an authorized person to gain physical entry into a secure location or a restricted area.

Question 26

# Piggybacking or tailgating Criminals can achieve Piggybacking or tailgating by? name 3

Answer 26

1. Giving the appearance of being escorted into the facility by an authorized person. 2. Joining and pretending to be part of a large crowd that enters the facility. 3. Targeting an authorized person who is careless about the rules of the facility.

Question 27

# Other Methods of Deception tricks to deceive their vicims. name 5

Answer 27

1.invoice scam 2.watering hole attack 3.typosquatting 4.prepending 5.influence campaigns

Question 28

# Other Methods of Deception what is invoice scam?

Answer 28

Fake invoices with the goal of receiving money from a victim

Question 29

# Other Methods of Deception what is a watering hole attack?

Answer 29

an exploit in which an attacker observes or guesses what websites an organization uses most often infects one or more of them with malware.

Question 30

# Other Methods of Deception what is typosquatting

Answer 30

relies on common mistakes such as typos made by individuals when inputting a website address into their browser.

Question 31

# Other Methods of Deception what is prepending

Answer 31

removal of ‘external’ email tag used by organizations to warn the recipient that an email has originated from an external source.

Question 32

# Other Methods of Deception what is influence campaigns

Answer 32

well coordinated and blend various methods such as fake news, disinformation campaigns and social media posts.

Question 33

# Other Methods of Deception influence campaigns is often used in what?

Answer 33

cyberwarfare

Question 34

# Defending Against Deception tips to prevent social engineering tactics. name 6

Answer 34

1. Never disclose confidential information or credentials via email, chat, text messages, in person or over the phone to unknown parties. 2. Resist the urge to click on enticing emails and web links. 3. Be wary of uninitiated or automatic downloads. 4.Establish and educate employees on key security policies. 5.Encourage employees to take ownership of security issues. 6.Do not give in to pressure by unknown individuals.