Social Engineering and Malware Overview

Questions and Answers

Match the following descriptions with their corresponding social engineering concepts

Following someone into a secure area without their knowledge = Tailgating Redirecting a user to a fake website via DNS spoofing = Pharming Manipulating people to gain unauthorized access or information = Social Engineering Gathering information before launching an attack = Reconnassaince Phishing attack using SMS/text messages = SMiShing Gaining access to a secure area with the consent of an employee = Piggybacking Creating a fabricated scenario to gain trust = Pretexting Making the target feel comfortable or liked = Familiarity Principle

Match the following malware descriptions with their corresponding concepts

Malware that propagates over network links and consumes bandwidth = Worm Logs all local activity on a device, including screenshots = Spyware Allows a user to authenticate once and gain access to multiple systems = Trojan Method of trying all possible combinations to guess a password = Brute Force Attack A knowledge-based authentication factor (e.g., password) = Something You Know Malware that spreads within code without authorization = Virus Malware concealed within a legitimate program = Single Sign-On (SSO) Auditing the usage of an account = Accounting

Study Notes

Social Engineering

• Following someone into a secure area without their knowledge is a form of social engineering.
• Redirecting a user to a fake website via DNS spoofing is a social engineering tactic.
• Manipulating people to gain unauthorized access or information is a social engineering technique.
• Gathering information before launching an attack is part of reconnaissance.
• Phishing attacks using SMS/text messages are forms of social engineering.
• Gaining access to a secure area with the consent of an employee is a social engineering tactic.
• Creating a fabricated scenario to gain trust is social engineering.
• Making the target feel comfortable or liked is a social engineering tactic.

Malware and AAA

• Malware that propagates over network links and consumes bandwidth is a Trojan.
• Logs all local activity on a device, including screenshots, allowing a user to see local system activity to gain access is a virus.
• Allows a user to authenticate once and gain access to multiple systems is Single Sign-On (SSO).
• Method of trying all possible combinations to guess a password is Brute Force Attack.
• A knowledge-based authentication factor (e.g., password) is something you know.
• Malware that spreads within code without authorization is a worm.
• Malware concealed within a legitimate program is spyware.
• Auditing the usage of an account is accounting.

Description

Explore the key tactics and techniques used in social engineering and malware. This quiz covers various forms of manipulation, recognition tactics, and the impact of malware on network security. Test your knowledge on how these threats function and how to recognize them.