Review Questions - SYS701 - 4 - Social Engineering and Password Attacks
20 Questions

Questions and Answers

Joseph receives an email notifying him that he needs to change his password due to a recent account issue. He notices that the email links him to a website using the domain amaz0n.com. What type of attack should he describe this as?

  • Typosquatting
  • Phishing (correct)
  • Smishing
  • A watering hole attack

When you combine phishing with voicemail, it is known as:

  • Whaling
  • Spoofing
  • Spooning
  • Vishing (correct)

While reviewing her logs, Michele notices that a remote system has attempted to log into her server via SSH using the username admin and a variety of passwords like “password” and “ninja.” What type of attack has Michele noticed?

  • A brute-force attack (correct)
  • Shoulder surfing
  • An on-path attack
  • Pretexting

Joanna wants to detect password spraying attacks. What type of rule should she deploy through her security systems?

  • Match repeated use of the same password during failed login attempts for multiple usernames. (C)

One of the staff at Susan's organization has reported that a critical vendor has contacted them about an unpaid invoice. After Susan investigates, she discovers that the invoice was sent from an email account that was not typically a contact and that the invoice requested payment to a PayPal account. What type of social engineering attack has Susan most likely discovered?

  • Business email compromise (B)

Selah infects the ads on a website that users from her target company frequently visit with malware as part of her penetration test. What technique has she used?

  • A watering hole attack (A)

Ben wants to determine if brute-force password attacks are being used against his company. What log information is least likely to be useful when working to detect brute-force attacks?

  • The geographic location of system being logged into (D)

Melissa receives a call and the caller informs her a senior manager in her organization needs her to buy gift cards for an event that starts in an hour. The caller says that the senior leader forgot to get the cards, and that the event is critical to her organization. Melissa buys the cards and sends them to the Gmail address the caller says that the senior leader needs them sent to. What type of attack has Melissa fallen for?

  • Pretexting (B)

Alaina wants to determine if a password spraying attack was used against her organization. Which of the following indicators would be most useful as part of her investigation?

  • The passwords used for failed attempts (B)

Which of the following human vectors is primarily associated with nation-state actors?

  • Misinformation campaigns (A)

Nicole accidentally types www.smazon.com into her browser and discovers that she is directed to a different site loaded with ads and pop-ups. Which of the following is the most accurate description of the attack she has experienced?

  • Typosquatting (C)

Devon is a penetration tester and sets up malicious tools on his target organization's primary internal website. What type of attack is he conducting?

  • A watering hole attack (B)

Phishing emails that pretend to be from a company that recipients are familiar with and likely to respond to are what type of attack?

  • Brand impersonation (C)

When a caller was recently directed to Amanda, who is a junior IT employee at her company, the caller informed her that they were the head of IT for her organization and that she needed to immediately disable the organization's firewall. After Amanda made the change, she discovered that the caller was not the head of IT, and that they were actually a penetration tester hired by her company. What social engineering attack best describes this?

  • Impersonation (C)

Fred is concerned about text message–based attacks. Which of the following attacks relies on text messages as its primary focus?

  • Smishing (C)

Sharif notices that his authentication logs have many different usernames showing failed logins with the same password. What type of attack has he discovered?

  • Spraying (D)

Naomi receives a report of smishing. What type of attack should she be looking for?

  • Text message–based phishing (B)

Jack's organization wants to prevent typosquatting. What option should he select to address this issue?

  • Purchase the most common typos for his organization's domain (B)

Gwyne's company has been contacted by customers asking about a new social media account operating under the company's brand. The social media account is advertising cryptocurrency, which Gwyne's organization does not sell or work with. What type of attack best describes what Gwyne's organization has encountered?

  • Brand impersonation (B)

Nation-state-driven social media campaigns about the trustworthiness of the U.S. election in 2016 are an example of what type of social engineering?

  • Disinformation (C)
