1. What is an example of the authority social engineering motivation technique? Question options: a. A pen tester sends an SMS text stating that those who fail to click the link and complete a survey will be fired. b. A pen tester sends a spear phishing email praising how great a specific program works and convinces the victim to install it because everyone else is using it. c. A pen tester calls the IT helpdesk posing as a senior executive requesting a password be set to "L3tm3!nN". d. A pen tester sends a phishing email stating that a limited number of free installs for a software program exist and to act now while supplies last.

Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
icon
Related questions
Question

1. What is an example of the authority social engineering motivation technique?

Question options:

a. A pen tester sends an SMS text stating that those who fail to click the link and complete a survey will be fired.

b. A pen tester sends a spear phishing email praising how great a specific program works and convinces the victim to install it because everyone else is using it.

c. A pen tester calls the IT helpdesk posing as a senior executive requesting a password be set to "L3tm3!nN".

d. A pen tester sends a phishing email stating that a limited number of free installs for a software program exist and to act now while supplies last.

2. What is shoulder surfing?

    A.
    B.
    C.
    D.

Question options:

a. Leaving a physical media device in a location where someone else might pick it up and use it

b. Slipping in through a secure area while following an authorized employee

c. Observing a target's behavior without the target noticing

d. Exploiting the typing mistakes that users may make when attempting to navigate to a website

3. What is badge cloning?

Question options:

a. The act of copying authentication data from one RFID microchip to another

b. The act of bypassing a lock using a lock pick set and a torsion wrench.

c. A system that detects infrared emissions from the human body

d. A standard for identifying and keeping track of objects' physical locations through the use of radio waves

4. Which of the following is the difference between impersonation and elicitation?

Question options:

a. Elicitation is the process of acting like an IT employee to gain access to a server room.

b. Impersonation is the process of gathering information from employees.

c. Elicitation is the process of collecting or acquiring data from human beings.

d. Impersonation is the sending of surveys to collect data from a group of employees.

5. Which statement reflects a legitimate benefit of phishing?
 
         A.
         B.
         C.
         D.
 
 Question options:

a. Use spear phishing because someone will likely click a malicious link if a generic email is sent to every user.

b. Use voice phishing because people tend to place more trust in those they can have a real-time conversation with.

c. Use SMS phishing because smartphones tend to have trusted access to company trade secrets.

d. Use whaling because the largest number of people can be reached by mass email

6. An IT director reads about a new form of malware that targets a system widely utilized in the company's network. The director wants to discover whether the network has been targeted, but also wants to conduct the scan without disrupting company operations or tipping off potential attackers to the investigation. Evaluate vulnerability scanning techniques and determine the best tool for the investigation.

Question options:

a. Configuration review

b. Credentialed scan

c. Threat hunting

d. Penetration testing

7. Considering a Data Breach versus Data Exfiltration, a Data Breach is never intentional, were Data Exfiltration always is intentional.

Question options:
    a.True
    b.False

8. A system administrator must scan the company's web-based application to identify which ports are open and which operating system can be seen from the outside world. Determine the syntax that should be used to yield the desired information if the administrator will be executing this task from a Linux command line.

Question options:

a. netstat -a

b. nmap -O webapp.company.com

c. nmap -sS 10.1.0.0/24

d. netstat -n

 

Expert Solution
trending now

Trending now

This is a popular solution!

steps

Step by step

Solved in 2 steps

Blurred answer
Knowledge Booster
Fundamentals of managing system
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Similar questions
  • SEE MORE QUESTIONS
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education