Recognizing Social Engineering Situations

Questions and Answers

What is one of the threats posed by employees setting up wireless networks at home?

Improved network speed

Vulnerability due to lack of encryption (correct)

Enhanced data protection

Increased network security

Why do some home users prefer wireless networks over wired ones according to the text?

To reduce the risk of network threats

For easy setup and usability (correct)

For better data privacy

To enhance network speed

What is a common issue with many home users who set up multiple computers at home?

Lack of network availability

Excessive network speed

Failure to secure the network properly (correct)

Difficulty in connecting devices

How does the scenario with the engineer's wireless router contribute to network vulnerability?

By not securing the laptops with WEP

What operating system is mentioned to be running on an employee's home workstation in the text?

Windows 98

Why do employees who care about aesthetics or don't want to pull wires usually set up wireless networks at home?

To avoid visible cables and wires

What should be the approach when the vice president asks for a password?

Assume the person is a potential intruder

Which measure is not sufficient on its own to prevent social engineering attacks?

Environmental controls

What is a recommended practice for preventing social engineering attacks mentioned in the text?

All employees should have a security mind-set and question suspicious situations

Which of the following is NOT listed as an item useful in preventing social engineering attacks?

Encouraging employees to handle waste disposal themselves

Why is a combination of technical, operational, and environmental controls along with user awareness training necessary to prevent attacks?

Technical controls alone are inadequate

What role does security awareness training play in preventing social engineering attacks?

Enhances employees' ability to identify and respond to potential threats

What type of IDS monitors communications on a host-by-host basis?

Host-based IDSs

Which type of IDS is good at detecting unauthorized file modifications and user activity?

Host-based IDSs

What do network-based IDSs try to locate that firewalls might have missed?

Packets not allowed on the network

Why are host-based and network-based IDSs considered complementary to each other?

They cover different strengths and weaknesses

In the context of IDS alerting, what is essential for network administrators to have in place?

Incident response plans

What is one of the forms of response suggested when an IDS alerts of an ongoing attack attempt?

Redirecting or misdirecting the attacker

Where is the Private SQL Area located in a Dedicated Server Environment?

PGA

What does the Session Memory store?

Session variables and other session information

What is the function of SQL Work Area?

Allocated for sort, hash-join, bitmap merge operations

Which component of PGA consists of session memory and the private SQL area?

Persistent Area

What term is used to refer to the combination of all individual PGAs in an instance?

Instance PGA

What is one way to recognize a potential social engineering situation?

Refusing to leave contact information

In the context of the text, what might an intruder do if they are persistent?

Press for more information about absent employees

What is a questionable behavior mentioned in the text that might indicate a potential intruder?

Asking about the return time of an absent employee

What could be a sign of suspicious behavior from a caller according to the text?

Rushing or being in a big hurry

What is the significance of recognizing social engineering situations according to the text?

To protect against becoming a victim of intruders

How can recognizing potential social engineering scenarios benefit individuals?

By preventing sensitive information leaks