lab 4

Question 1

Which of the following attack types is NOT supported by SET?

Arduino-based
Wireless
Spear phishing
SQL Injection
Powershell

Answer 1

SQL Injection

Question 2

What is the primary defense against the attack that you performed in this lab?

Do not execute files from email
Updating malware scanners
Implement biometrics
Update the SPAM filter

Answer 2

Do not execute files from email

Question 3

Which security framework does SET use to set up listeners?

Arachni
Metasploit
SMTP binder
Maltego

Answer 3

Metasploit

Question 4

The most commonly used features of SET are spear phishing, website spoofing, payload delivery, and mass mailer attacks. True or False?

True
False

Answer 4

True

Question 5

What is the primary limitation or restriction in compromising a victim through a SET-crafted email and related exploit script/payload?

Client-side security blocking execution
Server keyword filtering
Firewall blocking email messages with attachments
NAT traversa

Answer 5

Client-side security blocking execution

Question 6

Which of the following are true in regard to using SET? (Select all that apply)

SET emails can use spoofed source addresses

SET emails must be from a trusted email domain

SET payloads are allow-listed in most security filters

SET can send messages to a single address or a large group of addresses

SET can send attachments or hyperlinks to malicious scripts or payloads

SET demonstrates the power of combining technology with social engineering

Answer 6

SET emails can use spoofed source addresses

SET can send messages to a single address or a large group of addresses

SET can send attachments or hyperlinks to malicious scripts or payloads

SET demonstrates the power of combining technology with social engineering