Recognizing Social Engineering Situations

Questions and Answers

What is one of the threats posed by employees setting up wireless networks at home?

• Improved network speed
• Vulnerability due to lack of encryption (correct)
• Enhanced data protection
• Increased network security

Why do some home users prefer wireless networks over wired ones according to the text?

• To reduce the risk of network threats
• For easy setup and usability (correct)
• For better data privacy
• To enhance network speed

What is a common issue with many home users who set up multiple computers at home?

• Lack of network availability
• Excessive network speed
• Failure to secure the network properly (correct)
• Difficulty in connecting devices

How does the scenario with the engineer's wireless router contribute to network vulnerability?

By not securing the laptops with WEP (D)

What operating system is mentioned to be running on an employee's home workstation in the text?

Windows 98 (D)

Why do employees who care about aesthetics or don't want to pull wires usually set up wireless networks at home?

To avoid visible cables and wires (D)

What should be the approach when the vice president asks for a password?

Assume the person is a potential intruder (D)

Which measure is not sufficient on its own to prevent social engineering attacks?

Environmental controls (A)

What is a recommended practice for preventing social engineering attacks mentioned in the text?

All employees should have a security mind-set and question suspicious situations (D)

Which of the following is NOT listed as an item useful in preventing social engineering attacks?

Encouraging employees to handle waste disposal themselves (A)

Why is a combination of technical, operational, and environmental controls along with user awareness training necessary to prevent attacks?

Technical controls alone are inadequate (A)

What role does security awareness training play in preventing social engineering attacks?

Enhances employees' ability to identify and respond to potential threats (D)

What type of IDS monitors communications on a host-by-host basis?

Host-based IDSs (A)

Which type of IDS is good at detecting unauthorized file modifications and user activity?

Host-based IDSs (C)

What do network-based IDSs try to locate that firewalls might have missed?

Packets not allowed on the network (D)

Why are host-based and network-based IDSs considered complementary to each other?

They cover different strengths and weaknesses (B)

In the context of IDS alerting, what is essential for network administrators to have in place?

Incident response plans (D)

What is one of the forms of response suggested when an IDS alerts of an ongoing attack attempt?

Redirecting or misdirecting the attacker (D)

Where is the Private SQL Area located in a Dedicated Server Environment?

PGA (D)

What does the Session Memory store?

Session variables and other session information (C)

What is the function of SQL Work Area?

Allocated for sort, hash-join, bitmap merge operations (C)

Which component of PGA consists of session memory and the private SQL area?

Persistent Area (D)

What term is used to refer to the combination of all individual PGAs in an instance?

Instance PGA (D)

What is one way to recognize a potential social engineering situation?

Refusing to leave contact information (C)

In the context of the text, what might an intruder do if they are persistent?

Press for more information about absent employees (C)

What is a questionable behavior mentioned in the text that might indicate a potential intruder?

Asking about the return time of an absent employee (D)

What could be a sign of suspicious behavior from a caller according to the text?

Rushing or being in a big hurry (A)

What is the significance of recognizing social engineering situations according to the text?

To protect against becoming a victim of intruders (B)

How can recognizing potential social engineering scenarios benefit individuals?

By preventing sensitive information leaks (B)