Social Engineering and Spear Phishing Quiz
48 Questions

Questions and Answers

What is a primary goal of spear phishing?

  • To collect public information about a target
  • To provide IT support
  • To compromise the target computer (correct)
  • To monitor wireless networks

Which of the following is not a common social engineering tactic?

  • Like likes like
  • Friendly
  • Name dropping
  • Overloading with information (correct)

Which of these methods is NOT used to distribute malware?

  • Physical destruction of hardware (correct)
  • Untrusted sites and free software
  • Fake programs
  • Removable devices

What is a recommended strategy when conducting social engineering attacks?

  • Maintain trust (A)

Which wireless vulnerability involves cracking WEP?

  • Active brute forcing of WiFi (D)

How do hackers often use Trojans?

  • To create backdoors for remote access (A)

What should you consider when choosing the right wireless network card?

  • Wireless standard supported (B)

Which technique could help gather information for wireless reconnaissance?

  • Target organization policy on remote workers (D)

What is a safe practice concerning email attachments?

  • Open attachments from known senders only (D)

Which technique is commonly used in active sniffing?

  • DNS poisoning (A)

Which of the following protocols are vulnerable to sniffing?

  • FTP (A), Telnet (C)

What describes passive wiretapping?

  • Monitors and records the traffic (C)

What is an effective way to defend against password cracking?

  • Set the password change policy to 30 days (A)

Which type of privilege escalation refers to gaining higher privileges?

  • Vertical privilege escalation (B)

What does the enumeration module focus on?

  • User lists and security flaws (B)

What is the function of using HTTPS instead of HTTP?

  • Provide encryption of data in transit (A)

What is the primary purpose of a wrapper in the context of Trojans?

  • To bind a Trojan EXE with innocent looking applications (A)

Which of the following is NOT a technique to evade anti-virus detection?

  • Downloading Trojans from the web (A)

Which stage is NOT part of the virus life cycle?

  • Execution (B)

What is a common motivation behind creating viruses?

  • To gain financial benefit (D)

Which action makes a computer more vulnerable to virus infections?

  • Opening infected email attachments (D)

What is an effective method to detect Trojans?

  • Running a Trojan scanner to detect Trojans (B)

Which of the following is part of Trojan counter measures?

  • Installing patches and security updates (B)

What do most anti-virus products do regarding backdoor programs?

  • Scan and detect backdoor programs (A)

Active sniffing is used to sniff a hub-based network.

  • False (B)

Vertical privilege escalation refers to acquiring the same level of privileges that are already granted.

  • False (B)

One way to defend against password cracking is to set the password change policy to 30 days.

  • True (A)

Active wiretapping only monitors and records traffic.

  • False (B)

A wrapper associates a Trojan EXE with innocent looking applications.

  • True (A)

Software used for passive sniffing can capture email traffic.

  • True (A)

Changing Trojan syntax is an ineffective way to evade anti-virus software.

  • False (B)

Viruses can inflict harm on programs and corrupt files.

  • True (A)

Using VPNs is a recommended measure to defend against sniffing.

  • True (A)

HTTP is a secure protocol for transmitting sensitive data.

  • False (B)

Installing pirated software does not increase the risk of virus infections.

  • False (B)

Non-electronic attacks are one type of password attack.

  • True (A)

Running a Trojan scanner is an effective way to detect Trojans.

  • True (A)

Scanning CDs and DVDs with anti-virus software before use is unnecessary.

  • False (B)

The design stage is part of the virus life cycle.

  • True (A)

Financial gain is a common motivation for creating viruses.

  • True (A)

Social engineering strategies include assumptions and preparation.

  • True (A)

One of the tactics used in social engineering is to threaten the target.

  • False (B)

One method to meet the ultimate goal of spear phishing is using client-side exploits.

  • True (A)

Black hat search engines are an ineffective method for distributing malware.

  • False (B)

Cracking WPA preshared keys is one of the major wireless vulnerabilities.

  • True (A)

Trojan horses can only be used to generate fake traffic.

  • False (B)

Airodumps is a tool used for wireless reconnaissance.

  • True (A)

The ultimate goal of spear phishing is to sell user credentials to third parties.

  • False (B)

Flashcards

Social Engineering Tactics

Methods used to manipulate people into revealing sensitive information or performing actions they wouldn't normally take.

Spear Phishing

A targeted form of phishing that uses personal information to trick victims into giving away credentials or installing malware.

Wireless Recon

Gathering information about a wireless network to identify vulnerabilities.

Malware Distribution

Techniques used to spread malicious software, often disguised as legitimate files or software.

Wireless Network Card Selection

Choosing the right wireless network card that supports necessary features for wireless testing.

Trojan Horse

Malicious software that masquerades as a legitimate program, giving hackers remote access or other malicious actions.

Wireless Attack Phases

The steps involved in a wireless attack, starting with reconnaissance and ending with exploitation.

Social Engineering Strategies

Overall approaches employed in social engineering, including the use of assumptions, simplicity, and avoiding detection.

Trojan Dropper

A program that installs a Trojan horse in the background, often disguised as a harmless application.

Trojan Wrapper

A program that combines a Trojan horse with a legitimate application, making the malicious content harder to detect.

Virus Replication

The process by which a virus makes multiple copies of itself to spread.

Virus Detection

Identifying and recognizing the presence of a virus on a computer system.

Trojan Avoidance

Protecting against Trojans by avoiding suspicious downloads, email attachments, and untrusted sources.

Virus Infection Methods

Ways viruses enter a computer system, including file downloads, infected drives, and malicious email attachments.

Trojan Symptoms

Signs of a Trojan infection, such as suspicious files, network activity, or unusual system behavior.

Virus Characteristics

Key qualities of viruses, including infecting other programs, altering data, and spreading.

Passive Sniffing

Capturing network traffic without interfering with communication. Typically done through a hub, where traffic is broadcast to all ports.

Active Sniffing

Capturing network traffic by interfering with the network communication. Often used on switch-based networks.

Password Guessing (attack)

Trying various passwords until finding the correct one.

Vertical Privilege Escalation

Gaining higher privileges than your original access level.

Password Cracking

Trying to discover passwords by using various methods.

Sniffing Protocols (Vulnerable)

Protocols that transmit data in clear text or send passwords unencrypted are vulnerable to sniffing.

Footprinting

Gathering information about a target system or network, including IP ranges, employee lists, and system names.

Scanning (in security context)

Identifying systems and services reachable in a target network, usually after initial footprinting is done.

MAC Flooding

An active sniffing technique that tricks a switch into thinking all devices have the same MAC address, allowing the attacker to see all traffic.

ARP Poisoning

An active sniffing technique that manipulates the ARP table to redirect traffic through the attacker's device.

Non-Electronic Password Attack

Acquiring passwords through physical means, like stealing a password list or observing someone typing.

Active Online Password Attack

Attacking a password system while it's live, like brute forcing or dictionary attacks.

What are the stages of a virus's life cycle?

A virus's life cycle includes design, replication, launch, detection, incorporation, and elimination. Each stage represents a distinct activity the virus undertakes to spread and survive.

How can you detect a Trojan?

To detect a Trojan, scan for suspicious files and folders, network activities, Windows services, and device drivers. Utilize specialized Trojan scanners for comprehensive detection.

Trojan Countermeasures

Prevent Trojan infections by avoiding attachments from unknown senders, programs from instant messaging, downloads from untrusted sources, and promptly installing updates.

Backdoor Countermeasures

Protect against backdoors by using anti-virus solutions, limiting user access, and avoiding untrusted software installations.

Virus and Worm Countermeasures

Utilize anti-virus software that detects and removes infections, regularly scan your system, and stay updated with security patches.

Study Notes

Social Engineering

  • Social engineering relies on understanding, practicing, and trusting one's gut feeling to execute attacks.
  • Strategies include making assumptions, preparation, keeping it simple, avoiding detection, and not lying.
  • Tactics include mimicking desired characteristics, like "like likes like," and targeting personality types, such as being friendly.
  • Other tactics include using inside information, employing name-dropping, and using authority, supplications, sympathy, sex appeal, and greed to persuade or manipulate.
  • Two approaches for influencing someone include threatening them and enticing them.

Spear Phishing Methods

  • Spear phishing uses various methods, including emails, phone calls, text messages, and walkie-talkies.
  • The goal is to compromise the target computer and obtain user credentials for applications.
  • Methods to achieve this include setting up phishing websites, utilizing client-side exploits, and creating custom Trojan backdoors.

Wireless Recon

  • In wireless reconnaissance, the goal is to gather information about a target organization's remote workers.
  • Data collection may include locations such as home addresses, offices, and places they regularly visit, like luncheon places.
  • Wireless attacks typically have three phases: reconnaissance, attacking the wireless access point, and attacking wireless clients.

Wireless Network Cards

  • Essential features to consider when selecting a wireless network card include the supported wireless standard, antenna support, connection types, and power capabilities.
  • Common wireless recon tools include Kismet, Airodumps, and Android applications.

Malware

  • Malware includes Trojan horses, viruses, and worms.
  • Malware may enter systems via removable devices, attachments, fake programs, and untrusted websites.
  • Malware distribution methods include using black hat search engines, spear phishing sites, and compromised legitimate websites.
  • Trojans are used to create backdoors for gaining remote access and generating false traffic to create denial-of-service (DoS) attacks.
  • Trojans can be used for recording screenshots, audio, and video on a victim's computer, downloading spyware and adware files, and for sending malicious emails.
  • Trojans also enable infections of other systems.
  • One of the methods to construct a Trojan is with a dropper and a wrapper. A wrapper binds a Trojan EXE to an innocent looking application. This wrapper combines the two programs into a single file.
  • Techniques for evading anti-virus software include dividing Trojans into multiple parts and zipping them into a single file.
  • Building your own is another important method.
  • Trojans can also be embedded into applications, and you can change the Trojan syntax using a specialized editor.
  • Avoid using Trojans downloadable from the web.

Virus Transmission and Characteristics

  • The common transmission modes for viruses include file downloads, infected flash drives, and email attachments.
  • Viruses affect other programs, corrupt data, transform themselves, corrupt other files, encrypt themselves, and replicate.
  • Virus stages include design, propagation, launching, and detection followed by incorporation and elimination.
  • Reasons people create viruses include financial gain, pranks, vandalism, cyber terrorism, and research projects.

Virus Infection and Detection

  • Infections can happen through downloading files without verifying the source, opening infected email attachments, installing pirated software, not upgrading plugins, or not running the latest anti-virus software.
  • To detect Trojans, it is possible to scan for suspicious files and folders and scan for suspicious network activities.
  • Further measures can be taken by scanning for suspicious Windows services, device drivers, and running a dedicated Trojan scanner.

Trojan, Spyware, and Keylogger Countermeasures

  • Keylogger countermeasures include using popup blockers, installing antivirus programs, setting up firewalls, deleting phishing emails, avoiding junk email, using a firewall, and disabling auditing.
  • Spyware countermeasures include using anti-spyware programs and strengthening computer security levels.
  • Regular checks of the task manager and caution with suspicious emails are also beneficial.

Sniffing

  • Sniffing can be passive (monitoring traffic on a hub, where traffic is sent to all ports) or active (sniffing a switch-based network).
  • Information obtained through sniffing includes Telnet passwords, router configurations, FTP passwords, web traffic, and email traffic.
  • Protocols vulnerable to sniffing include HTTP, Telnet, rlogin, POP, IMAP, SMTP, NNTP, and FTP.
  • Active wiretapping involves monitoring, recording, altering, and injecting into communication.
  • Passive wiretapping only monitors and records traffic.
  • To protect against sniffing, use HTTPS instead of HTTP, switches instead of hubs, SFTP instead of FTP and utilize VPNs and one-time passwords.

Footprinting and Password Attacks

  • Footprinting modules involve identifying IP ranges, names, paces, and employees of a target organization.
  • Activities of the module include target assessment, identifying systems and services.
  • Enumeration modules involve intrusive probing, user lists, and security flaws.
  • Password attacks can be non-electronic, active online, passive online, and offline.
  • Techniques for password guessing usually start with ranking passwords from high to low probability and attempting each one until the correct one is found.

Privilege Escalation

  • Privilege escalation can be vertical (gaining higher privileges) or horizontal (gaining the same level of privileges as existing users).
  • Defenses include using encryption, implementing multi-factor authentication, and regularly patching the system.

Description

Test your knowledge on social engineering tactics and spear phishing methods with this quiz. Explore various strategies that attackers use to manipulate individuals, including psychological tactics and technological approaches. Understand how to recognize these threats to better protect yourself and your information.
