Social Engineering in Hacking

Questions and Answers

PDF Questions PDF Answers

Which two of the following steps of hacking are most likely to involve the use of social engineering? (pick 2)

Gaining Access (correct)

Covering Tracks

Recon / footprinting (correct)

Scanning / Probing

What is the goal of social engineering?

To get an authorized user to give information to an unauthorized person (correct)

To improve cybersecurity awareness

To help people make more friends

To make people behave better

Which is NOT a reason that social engineering is so successful?

Humans are good at problem solving (correct)

Humans make sloppy mistakes

Humans want to avoid confrontation

Humans want to be helpful

Which of the following social engineering techniques are best protected against by the use of a security guard or turnstile?

Piggybacking

Which of the following is a phishing attack that targets a specific individual or organization?

Spear-phishing

Which of the following is NOT an indication that the email might be a phishing email?

Attachment included

Which of the following would NOT be considered OSINT?

Google Classroom

Which of the following is NOT a technique of social engineering?

Knee Capping

Study Notes

Social Engineering in Hacking

• Social engineering is a technique used by hackers where they manipulate people into giving them information or access to systems
• Two commonly used steps in hacking that involve social engineering are Recon / Footprinting and Gaining Access.
• The goal of social engineering is to get an authorized user to give information to an unauthorized person.
• The main method used in social engineering is deception.
• Humans want to avoid confrontation is the NOT reason why social engineering is successful.
• Baiting is a social engineering technique that can be prevented by using a security guard or turnstile.
• Phishing is considered the single biggest threat in the digital world and was used in 67% of cyber attacks last year.
• Spear-phishing is a type of phishing attack that targets a specific individual or organization.
• OSINT (Open Source Intelligence) data must be free and public.
• Google Classroom is not considered OSINT.
• Faster computers is not a part of the steps in mitigating human risk when pertaining to cybersecurity.
• Knee Capping is not a technique of social engineering.
• Phishing is not a type of malware.
• Sharking is not a type of phishing.

Description

Test your knowledge on social engineering techniques used by hackers, including methods like phishing and baiting. Understand how deception plays a crucial role in gaining access to sensitive information. Discover the importance of recognizing these threats in the evolving digital landscape.