Section 4: Social Engineering

Question 1

What is Social Engineering?

Answer 1

A manipulative strategy that exploits human psychology to gain unauthorized access to systems, data, or physical spaces.

Question 2

What does Authority refer to in social engineering?

Answer 2

Leveraging perceived authority to compel compliance from targets.

Question 3

What is the role of Urgency in social engineering?

Answer 3

Creating a sense of immediacy to provoke quick action from individuals.

Question 4

How does Social Proof influence targets?

Answer 4

Influencing decisions by showcasing the actions of others to persuade targets.

Question 5

What is Scarcity in the context of social engineering?

Answer 5

Pressuring targets by highlighting limited availability of resources or information.

Question 6

What does Likability mean in social engineering?

Answer 6

Gaining trust from targets by appearing friendly or relatable.

Question 7

How is Fear used in social engineering?

Answer 7

Using threats or potential consequences to force compliance from individuals.

Question 8

What is Impersonation?

Answer 8

Pretending to be someone else to gain unauthorized access to information or systems.

Question 9

What is Brand Impersonation?

Answer 9

Mimicking a legitimate company to deceive targets into providing sensitive information.

Question 10

What is Typosquatting?

Answer 10

Registering domain names that are similar to legitimate ones to exploit common typing errors.

Question 11

What are Watering Hole Attacks?

Answer 11

Compromising frequently visited websites of targets to deliver malware or phish for information.

Question 12

What is Pretexting?

Answer 12

Creating a false scenario to manipulate individuals into revealing sensitive information.

Question 13

What is Phishing?

Answer 13

Deceptive communications designed to steal sensitive information.

Question 14

What is Spear Phishing?

Answer 14

Targeted phishing attacks aimed at specific individuals or organizations.

Question 15

What is Whaling?

Answer 15

Phishing attacks that target high-profile individuals, such as executives.

Question 16

What is Business Email Compromise (BEC)?

Answer 16

Using compromised internal emails to deceive employees into sharing confidential information.

Question 17

What is Vishing?

Answer 17

Phishing conducted via phone calls to extract sensitive information.

Question 18

What is Smishing?

Answer 18

Phishing executed through SMS or text messages to trick individuals into providing personal information.

Question 19

What are Frauds and Scams?

Answer 19

Deceptive practices intended to trick individuals into providing money or sensitive information.

Question 20

What is Identity Fraud/Theft?

Answer 20

Using someone else’s personal information for illegal activities.

Question 21

What are Invoice Scams?

Answer 21

Tricking individuals into paying fraudulent invoices.

Question 22

What are Influence Campaigns?

Answer 22

Coordinated efforts aimed at spreading misinformation or disinformation to sway public opinion or behavior.

Question 23

What is Diversion Theft?

Answer 23

Creating distractions to steal items or information without being noticed.

Question 24

What are Hoaxes?

Answer 24

Spreading false information to deceive individuals or create panic.

Question 25

What is Shoulder Surfing?

Answer 25

Observing someone’s screen or keyboard to gain sensitive information without their knowledge.

Question 26

What is Dumpster Diving?

Answer 26

The practice of searching through trash or discarded materials to find valuable information or data.

Question 27

What is Eavesdropping?

Answer 27

The act of secretly listening to private conversations, often to gather confidential or sensitive information.

Question 28

What is Baiting?

Answer 28

A technique where infected devices, such as USB drives, are left in locations for victims to find and use, potentially compromising their systems.