Lecture 2-1
14 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is external reconnaissance and what are the possible ways to perform it?

External reconnaissance is gathering data about the target from outside its boundary to find its vulnerabilities and thinking of methods to exploit it. It typically focuses on the carelessness of the company's employees. They can perform ways such as dumpster diving, social media and social engineering.

Explain what is dumpster diving and what can an attacker gain from it?

Organizations get rid of devices that are out of date or no longer in use in a number of ways such as bidding, giving it to recyclers or dumping them in the dumpsters. An attacker will dive through that dumpster to get those devices. An attacker can gain information like an internal setup of an organization, openly stored login credentials on a browser, the privileges and details of users and access to customized system in the network.

How do you prevent dumpster diving?

Degaussing can be used to remove data. it reduces or eliminates the magnetic field that is stored on the disk of a computer. As for SSD, one suggested way would be to encrypt it with a long random key and forget that key.

What kind of attacks can an attacker make using social media?

<p>Social media is a place where you can find all the information about the user. So, an attacker can create a fake identity using it. They can steal the photos and information from a victim's social media account. Another attack is guessing the victim's password from the information posted on the internet. For example, their birthday, maiden's name, pet's name, etc.</p> Signup and view all the answers

Explain what is social engineering and what are the 6 levers of social engineering? Provide an example of each of the levers.

<p>Humans are sympathetic, trusting to friends, show-offs, obedient to higher authority, greedy and curious. Social engineering is using these human nature to manipulate them into doing something that they normally wouldn't do. The six levels of social engineering are - Reciprocation: the victim will do something for the attacker in the act that they feel like they owe them a favor. Scarcity: threatening a short supply of something that the target is in need of. For example, a trip package, a mega sale, a new product release, etc. Consistency: Humans tend to get used to the flow of events. For example, an attacker clones the vendor that the target always buys from and since they always buy there, they don't check if the vendor is valid or not. Liking: Humans are likely to do something for the people that they like. Authority: Humans are most likely to obey those of higher authority. An attacker can act as the government and as for the victim's private information. Validation: Humans will try to follow the trend so that they are not the odd one out.</p> Signup and view all the answers

Explain pretexting and give example.

<p>Pretexting is a form of social engineering where an attacker creates a false scenario or pretext to trick individuals into providing sensitive information or performing actions they normally wouldn't. It often involves impersonating someone else, such as a trusted authority figure or service provider, to gain access to information or resources.</p> Signup and view all the answers

Explain diversion theft and give example.

<p>Attackers persuade delivery and transport companies that their deliveries and services are requested elsewhere.</p> Signup and view all the answers

Explain phishing and give example.

<p>A hacker sends emails to a target pretending to be a legitimate third-party organization. Example: an email claiming a court order notice and ask the recipients to view more details. Upon clicking the link, the recipients installed malware on their computers that can be used for other malicious purposes.</p> Signup and view all the answers

Explain spear phishing.

<p>Spear phishing is specifically targeted to obtain information from particular end users in an organization by performing a number of background checks on targets.</p> Signup and view all the answers

Explain water holing.

<p>An attack strategy, in which the attacker guesses or observes which websites the group often uses and infects one or more of them with malware.</p> Signup and view all the answers

Explain internal reconnaissance.

<p>Unlike external reconnaissance, internal reconnaissance is done onsite. Attacks are carried out within an organization’s network, systems and premises. Mostly, this process is aided by software tools such as sniffing and scanning tools. An attacker interacts with the actual target systems to find out information about its vulnerabilities.</p> Signup and view all the answers

Explain what wardriving and share tools that is able to perform wardriving. Is there any way you can map wifi SSID to location?

<p>Wardriving is an internal reconnaissance technique used to find unsecured wifi networks while moving around in a vehicle. The process includes finding unsecured networks, mapping their locations, and recording the information in an online database. Network stumbler and mini stumbler are commonly used. Network Stumbler records SSIDs and exact GPS locations of unsecured wireless networks. mini stumbler does the same but for mobile and tablets.</p> Signup and view all the answers

Explain what Extortion attacks is. Share a case study of a publicly known extortion attack.

<p>Extortion attack is holding computer files for ransom and threatening to release damaging information about a victim to the public. Popular case studies are WannaCry where the hacker asks for $300 within 72 hours through Bitcoin address and it only made $50,000 because a kill switch was discovered and the Ashley Madison incident where after failed extortion attempts, hackers exposed the user data of millions of people. The company offered to pay a total of $11 million to compensate for the exposure of 36 million users.</p> Signup and view all the answers

Explain why and how an attacker could attack company printers.

<p>Targeting non-obvious devices, which seemed to be harmless, in corporate networks. Modern printers come with an inbuilt memory function and only basic security features. Accessing to the printer may reveal the following: ➢Password authentication mechanisms ➢Gathering the sensitive data that users send to be printed ➢Used as entry points into other secure networks</p> Signup and view all the answers

More Like This

Use Quizgecko on...
Browser
Browser