Module Summary
- Social engineering is the art of convincing people to reveal confidential information.
- Social engineering involves acquiring sensitive information or inappropriate access privileges by an outsider.
- Attackers attempt social engineering attacks on office workers to extract sensitive data.
- Human-based social engineering refers to person-to-person interaction to retrieve the desired information.
- Computer-based social engineering refers to having computer software that attempts to retrieve the desired information.
- Identity theft occurs when someone steals your name and other personal information for fraudulent purposes.
- A successful defense depends on having good policies and their diligent implementation.
Q1) Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him "just to double check our records." Jane does not suspect anything amiss and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password and steal the cookie recipe. What kind of attack is being illustrated here?
- Reverse Psychology
- Reverse Engineering
- Social Engineering
- Spoofing Identity
- Faking Identity
Q2) An attacker finds a web page for a target organization that supplies contact information for the company. Using the available details to make the message seem authentic, the attacker drafts an e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator.
The e-mail asks the employee to log into a bogus page that requests the employee's user name and password, or to click on a link that will download spyware or other malicious programming.
Google's Gmail was hacked using this technique, and attackers stole source code and sensitive data from Google servers. This was a highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites, focused on targeted individuals working for the company.
What is this deadly attack called?
- Spear phishing attack
- Trojan server attack
- Javelin attack
- Social networking attack
Q3) This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site.
- Wiresharp attack
- Switch and bait attack
- Phishing attack
- Man-in-the-Middle attack
Q4) Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company's network security.
No employees of the company, other than the IT director, know about the work Shayla will be doing. Shayla's first step is to obtain a list of employees through the company website's contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla gains her trust and they become friends. One day, Shayla steals the employee's access badge and uses it to gain unauthorized access to the Treks Avionics offices.
What type of insider threat would Shayla be considered?
- She would be considered an Insider Affiliate
- Because she does not have any legal access herself, Shayla would be considered an Outside Affiliate
- Shayla is an Insider Associate since she has befriended an actual employee
- Since Shayla obtained access with a legitimate company badge, she would be considered a Pure Insider
- Pure Insider: Inside employee with normal access rights
- Elevated Pure Insider: Insider with elevated access
- Insider Associate: Insider with limited authorized access (e.g. guard, cleaning person)
- Insider Affiliate: Spouse, friend, or client of an employee that uses employee's credentials.
- Outsider Affiliate: Unknown and untrusted person from outside the organization. Uses an open access channel or stolen credentials to gain unauthorized access.
Q5) Fake Anti-Virus is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.
Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.
The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.
What is the risk of installing Fake AntiVirus?
- Victim's Operating System version, services running and applications installed will be published on blogs and forums
- Victim's personally identifiable information, such as billing address and credit card details, may be extracted and exploited by the attacker
- Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk
- A Denial of Service attack will be launched against the infected computer, crashing other machines on the connected network
Q6) Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?
- Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
- Educate and enforce physical security policies of the company to all the employees on a regular basis
- Set up a mock video camera next to the special card reader adjacent to the secure door
- Post a sign that states "no tailgating" next to the special card reader adjacent to the secure door
Q7) Sometimes a company shares a little too much information on their organization through public domain records. Based on the above whois record, what can an attacker do? (Select 2 answers)
- Search engines like Google and Bing will expose information listed on the WHOIS record
- An attacker can attempt phishing and social engineering on targeted individuals using the information from WHOIS record
- Spammers can send unsolicited e-mails to addresses listed in the WHOIS record
- IRS Agents will use this information to track individuals using the WHOIS record information
Q8) Within the context of Computer Security, which of the following statements describes Social Engineering best?
- Social Engineering is the act of publicly disclosing information
- Social Engineering is the means put in place by human resources to perform time accounting
- Social Engineering is the act of getting needed information from a person rather than breaking into a system
- Social Engineering is a training program within sociology studies
Q9) Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?
- Neil has used a tailgating social engineering attack to gain access to the offices
- He has used a piggybacking technique to gain unauthorized access
- This type of social engineering attack is called man trapping
- Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics
Q10) When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?
- Vulnerability scanning
- Social engineering
- Application security testing
- Network sniffing
Q11) A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?
- Forensic attack
- ARP spoofing attack
- Social engineering attack
- Scanning attack
Q12) Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)
- Smurf attack
- Social engineering attack
- SQL injection attack
- Phishing attack
- Fraggle attack
- Distributed denial of service attack
Q13) A consultant is hired to do physical penetration testing at a large financial company. On the first day of his assessment, the consultant goes to the company's building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate; the consultant then follows behind the employee to get into the restricted area. Which type of attack did the consultant perform?
- Man trap
- Tailgating
- Shoulder surfing
- Social engineering
Q14) You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email, changing the source email to her boss's email ( boss@company ). In this email, you ask for a PDF with information. She reads your email and sends back a PDF with links. You exchange the PDF links with your malicious links (these links contain malware) and send back the modified PDF, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. What testing method did you use?
- Piggybacking
- Tailgating
- Eavesdropping
- Social engineering
Q15) Which of the following is a low-tech way of gaining unauthorized access to systems?
- Sniffing
- Social engineering
- Scanning
- Eavesdropping
Q16) Which of the following is a type of social engineering?
- Shoulder surfing
- User identification
- System monitoring
- Face-to-face communication
Q17) Which is an example of social engineering?
- A user who holds open the front door of an office for a potential hacker
- Calling a help desk and convincing them to reset a password for a user account
- Installing a hardware keylogger on a victim’s system to capture passwords
- Accessing a database with a cracked password
Q18) What is the best way to prevent a social-engineering attack?
- Installing a firewall to prevent port scans
- Configuring an IDS to detect intrusion attempts
- Increasing the number of help-desk personnel
- Employee training and education
Q19) Which of the following is the best example of reverse social engineering?
- A hacker pretends to be a person of authority in order to get a user to give them information.
- A help-desk employee pretends to be a person of authority.
- A hacker tries to get a user to change their password.
- A user changes their password.
A19) When a hacker pretends to be a person of authority in order to get a user to ask them for information, it’s an example of reverse social engineering.
Q20) Using pop-up windows to get a user to give out information is which type of social engineering attack?
- Human-based
- Computer-based
- Nontechnical
- Coercive
Q21) Faking a website for the purpose of getting a user’s password and username is which type of social engineering attack?
- Human-based
- Computer-based
- Web-based
- User-based
Q22) Dumpster diving can be considered which type of social engineering attack?
- Human-based
- Computer-based
- Physical access
- Paper-based
Q23) An attacker, Jim, creates a fake ID badge and waits next to an entry door to a secured facility. An authorized user swipes a key card and opens the door. Jim follows the user inside. Which social engineering attack is in play here?
- Piggybacking
- Tailgating
- Phishing
- Shoulder surfing
Q24) An attacker has physical access to a building and wants to obtain access credentials to the network using nontechnical means. Which of the following social engineering attacks is the best option?
- Tailgating
- Piggybacking
- Shoulder surfing
- Sniffing
Q25) Bob decides to employ social engineering during part of his pen test. He sends an unsolicited e-mail to several users on the network advising them of potential network problems and provides a phone number to call. Later that day, Bob performs a DoS on a network segment and then receives phone calls from users asking for assistance. Which social engineering practice is in play here?
- Phishing
- Impersonation
- Technical support
- Reverse social engineering
Q26) Phishing, pop-ups, and IRC channel use are all examples of which type of social engineering attack?
- Human-based
- Computer-based
- Technical
- Physical
Q27) An attacker performs a Whois search against a target organization and discovers the technical point of contact and site ownership e-mail addresses. He then crafts an e-mail to the owner from the technical POC, with instructions to click a link to see web statistics for the site. Instead, the link goes to a fake site where credentials are stolen. Which attack has taken place?
- Phishing
- Man in the middle
- Spear phishing
- Human based
Q28) Which threat presents the highest risk to a target network or resource?
- Script kiddies
- Phishing
- A disgruntled employee
- A white-hat attacker
Q29) You are hired to perform an assessment against the physical security setup at a large company. You go to the company's building dressed like an electrician and wait in the lobby for an employee to pass through the main access gate. As the employee enters, you simply follow behind to get into the restricted area. Which of the following best describes the type of attack that was performed?
- Tailgating
- Shoulder surfing
- Social engineering
- Man trap
Q30) Phishing e-mail attacks have caused severe harm to a company. The security office decides to provide training to all users in phishing prevention. Which of the following are true statements regarding identification of phishing attempts? (Choose all that apply.)
- Ensure e-mail is from a trusted, legitimate e-mail address source.
- Verify spelling and grammar are correct. (Typos count too!? ... -_-)
- Verify all links before clicking them.
- Ensure the last line includes a known salutation and copyright entry (if required).
Q31) A man receives a text message on his phone purporting to be from Technical Services. The text advises of a security breach and provides a web link and phone number to follow up on. When the man calls the number, he turns over sensitive information. Which type of social engineering attack was this?
- Human based
- Computer based
- Mobile based
- Man in the middle
A31) In one of the more fun additions to our study, EC-Council created the “mobile-based” attack, where mobile apps or text messages are employed.
Q32) Security staff are preparing for a security audit and want to know if additional security training for end users would be beneficial. Which of the following methods would be the best option for testing the effectiveness of user training in the environment?
- Vulnerability scanning
- Application code reviews
- Sniffing
- Social engineering
Q33) Having individuals provide personal information to obtain a free offer provided through the Internet is considered what type of social engineering?
- Web-based
- Human-based
- User-based
- Computer-based
Q34) An individual presents herself at your office claiming to be a service technician. She is attempting to discuss technical details of your environment such as applications, hardware, and personnel used to manage it. This may be an example of what type of attack?
- Social engineering
- Access control
- Perimeter screening
- Behavioral engineering
Q35) What is a piece of malware that relies on social engineering?
- A worm
- A virus
- A Trojan horse
- A rootkit
Q36) Which of the following would be effective for social engineering?
- Social networking
- Port scanning
- Websites
- Job boards
Q37) A Trojan relies on __ to be activated.
- Vulnerabilities
- Human beings
- Social engineering
- Port redirection
Q38) Social engineering can be thwarted using what kinds of controls?
- Technical
- Administrative
- Physical
- Common sense
A38) Technology alone cannot stop the impact of social engineering and must be accompanied by other mechanisms, such as education. The strongest defense against social engineering tends to be proper training and education.
Q39) Social engineering preys on many weaknesses, including __.
- Technology
- People
- Human nature
- Physical
Q40) Social engineering can use all the following except __.
- Mobile phones
- Instant messaging
- Trojan horses
- Viruses
Q41) What is the best option for thwarting social-engineering attacks?
- Technology
- Training
- Policies
- Physical controls