Questions and Answers
What is a primary goal of spear phishing?
Which of the following is not a common social engineering tactic?
Which of these methods is NOT used to distribute malware?
What is a recommended strategy when conducting social engineering attacks?
Which wireless vulnerability involves cracking WEP?
How do hackers often use Trojans?
What should you consider when choosing the right wireless network card?
Which technique could help gather information for wireless reconnaissance?
What is a safe practice concerning email attachments?
Which technique is commonly used in active sniffing?
Which of the following protocols are vulnerable to sniffing?
What describes passive wiretapping?
What is an effective way to defend against password cracking?
Which type of privilege escalation refers to gaining higher privileges?
What does the enumeration module focus on?
What is the function of using HTTPS instead of HTTP?
What is the primary purpose of a wrapper in the context of Trojans?
Which of the following is NOT a technique to evade anti-virus detection?
Which stage is NOT part of the virus life cycle?
What is a common motivation behind creating viruses?
Which action makes a computer more vulnerable to virus infections?
What is an effective method to detect Trojans?
Which of the following is part of Trojan countermeasures?
What do most anti-virus products do regarding backdoor programs?
Active sniffing is used to sniff a hub-based network.
Vertical privilege escalation refers to acquiring the same level of privileges that are already granted.
One way to defend against password cracking is to set the password change policy to 30 days.
Active wiretapping only monitors and records traffic.
A wrapper associates a Trojan EXE with innocent-looking applications.
Software used for passive sniffing can capture email traffic.
Changing Trojan syntax is an ineffective way to evade anti-virus software.
Viruses can inflict harm on programs and corrupt files.
Using VPNs is a recommended measure to defend against sniffing.
HTTP is a secure protocol for transmitting sensitive data.
Installing pirated software does not increase the risk of virus infections.
Non-electronic attacks are one type of password attack.
Running a Trojan scanner is an effective way to detect Trojans.
Scanning CDs and DVDs with anti-virus software before use is unnecessary.
The design stage is part of the virus life cycle.
Financial gain is a common motivation for creating viruses.
Social engineering strategies include assumptions and preparation.
One of the tactics used in social engineering is to threaten the target.
One method to meet the ultimate goal of spear phishing is using client-side exploits.
Black hat search engines are an ineffective method for distributing malware.
Cracking WPA preshared keys is one of the major wireless vulnerabilities.
Trojan horses can only be used to generate fake traffic.
Airodumps is a tool used for wireless reconnaissance.
The ultimate goal of spear phishing is to sell user credentials to third parties.
Study Notes
Social Engineering
- Social engineering relies on understanding, practicing, and trusting one's gut feeling to execute attacks.
- Strategies include making assumptions, preparation, keeping it simple, avoiding detection, and not lying.
- Tactics include mimicking desired characteristics (the "like likes like" principle) and targeting personality types, such as being friendly.
- Other tactics include using inside information, employing name-dropping, and using authority, supplications, sympathy, sex appeal, and greed to persuade or manipulate.
- Two approaches for influencing someone include threatening them and enticing them.
Spear Phishing Methods
- Spear phishing uses various methods, including emails, phone calls, text messages, and walkie-talkies.
- The goal is to compromise the target computer and obtain user credentials for applications.
- Methods to achieve this include setting up phishing websites, utilizing client-side exploits, and creating custom Trojan backdoors.
Wireless Recon
- In wireless reconnaissance, the goal is to gather information about a target organization's remote workers.
- Data collection may include locations such as home addresses, offices, and places they regularly visit, like luncheon places.
- Wireless attacks typically have three phases: reconnaissance, attacking the wireless access point, and attacking wireless clients.
Wireless Network Cards
- Essential features to consider when selecting a wireless network card include the supported wireless standard, antenna support, connection types, and power capabilities.
- Common wireless recon tools include Kismet, Airodumps, and Android applications.
Malware
- Malware includes Trojan horses, viruses, and worms.
- Malware may enter systems via removable devices, attachments, fake programs, and untrusted websites.
- Malware distribution methods include using black hat search engines, spear phishing sites, and compromised legitimate websites.
- Trojans are used to create backdoors for gaining remote access and generating false traffic to create denial-of-service (DoS) attacks.
- Trojans can be used for recording screenshots, audio, and video on a victim's computer, downloading spyware and adware files, and for sending malicious emails.
- Trojans also enable infections of other systems.
- One method of constructing a Trojan is with a dropper and a wrapper. A wrapper binds a Trojan EXE to an innocent-looking application, combining the two programs into a single file.
- Techniques for evading anti-virus software include dividing Trojans into multiple parts and zipping them into a single file.
- Building your own is another important method.
- Trojans can also be embedded into applications, and you can change the Trojan syntax using a specialized editor.
- Avoid using Trojans downloadable from the web.
Virus Transmission and Characteristics
- The common transmission modes for viruses include file downloads, infected flash drives, and email attachments.
- Viruses affect other programs, corrupt data, transform themselves, corrupt other files, encrypt themselves, and replicate.
- Virus stages include design, propagation, launching, and detection followed by incorporation and elimination.
- People create viruses for reasons including financial gain, pranks, vandalism, cyber terrorism, and research projects.
Virus Infection and Detection
- Infections can happen through downloading files without verifying the source, opening infected email attachments, installing pirated software, not upgrading plugins, or not running the latest anti-virus software.
- To detect Trojans, it is possible to scan for suspicious files and folders and scan for suspicious network activities.
- Further measures can be taken by scanning for suspicious Windows services and device drivers, and by running a dedicated Trojan scanner.
Trojan, Spyware, and Keylogger Countermeasures
- Keylogger countermeasures include using popup blockers, installing antivirus programs, setting up firewalls, deleting phishing emails, avoiding junk email, and disabling auditing.
- Spyware countermeasures include using anti-spyware programs and strengthening computer security levels.
- Regular checks of the task manager and caution with suspicious emails are also beneficial.
Sniffing
- Sniffing can be passive (monitoring traffic on a hub-based network, where traffic is sent to all ports) or active (sniffing a switch-based network).
- Information obtained through sniffing includes Telnet passwords, router configurations, FTP passwords, web traffic, and email traffic.
- Protocols vulnerable to sniffing include HTTP, Telnet, rlogin, POP, IMAP, SMTP, NNTP, and FTP.
- Active wiretapping involves monitoring, recording, altering, and injecting into communication.
- Passive wiretapping only monitors and records traffic.
- To protect against sniffing, use HTTPS instead of HTTP, switches instead of hubs, and SFTP instead of FTP, and utilize VPNs and one-time passwords.
Footprinting and Password Attacks
- Footprinting modules involve identifying IP ranges, names, paces, and employees of a target organization.
- Activities of the module include target assessment and identifying systems and services.
- Enumeration modules involve intrusive probing, user lists, and security flaws.
- Password attacks can be non-electronic, active online, passive online, and offline.
- Techniques for password guessing usually start with ranking passwords from high to low probability and attempting each one until the correct one is found.
Privilege Escalation
- Privilege escalation can be vertical (gaining higher privileges) or horizontal (gaining the same level of privileges as existing users).
- Defenses include using encryption, implementing multi-factor authentication, and regularly patching the system.
Description
Test your knowledge on social engineering tactics and spear phishing methods with this quiz. Explore various strategies that attackers use to manipulate individuals, including psychological tactics and technological approaches. Understand how to recognize these threats to better protect yourself and your information.