Priya Dogra – Certification | Jobs | Internships
Related Articles
Module 3: Social Engineering Quiz Answers
Which attack vector does an influence campaign rely upon?
- Zero-trust software exploit
- Social media
- Messaging service
Which description best explains pharming?
- Recruiting employees through various means to carry out an insider attack
- Exploiting an unknown vulnerability in computer software
- Cultivating trust between a bad actor and the target through chance encounters
- Computer traffic redirected from a legitimate website to a malicious one
What type of insider threat is an individual who believes they are exempt from their organization’s security policies and bypasses them?
- Lone wolf
- Collaborator
- Pawn
- Goof
Which threat indicator could be an indication of an active insider threat?
- An employee shows contempt for an organization’s policies
- An open pot of honey is suspiciously left on a kitchen countertop
- A USB drive is found abandoned in an organization’s parking lot
- Two employees disagree on the interpretation of a security policy
Which two insider types are considered malicious insider threats? (Choose two.)
- Rats
- Pawns
- Lone wolves
- Moles
Which definition best describes insider threat?
- An unknown vulnerability on a computer network
- A person posing a threat to an organization from within
- IT security fails to protect its network
- Employees who are angry at their employer
Which two reasons explain why influence campaigns are often effective?
- Social media offers an inexpensive means to influence a large number of people
- The bad actor can remain anonymous using fake accounts
- Blackmail and bribery are effective in influencing people’s behavior
- People are known to respond favorably to a well-reasoned argument
Which three attack methods are examples of social engineering? (Choose three.)
- Whaling
- Copycat
- Honeypot
- Zero day
- Tailgating
What objective is accomplished by the last two stages of an influence campaign?
- Clarification of the narrative
- Access to the target’s network
- Theft of information or money
- Amplification of the message
What type of attack method is used by a blue hat to study the tactics of bad actors?
- Sandboxing
- Deception
- Honeypot
- Waterholing
Which attack method relies on a telephone or voice-over-IP to target individuals or small groups, such as members of a finance department?
- Vishing
- Honeypot
- Smishing
- Whaling
Which technique most accurately describes social engineering?
- Exploiting computer weaknesses
- Psychological manipulation
- Quid pro quo
- Zero-day attack
What social engineering attack uses an online site frequented by the target or targets to attack them?
- Waterholing
- Quid pro quo
- Phishing
- Pretexting
