Social Engineering Security Threats Quiz
30 Questions
Questions and Answers

What type of attack involves overwhelming a target host with half-open TCP connections?

  • Session hijacking attack
  • Port scan attack
  • Reset attack
  • SYN flood attack (correct)
Which type of attack involves providing an invalid gateway to create a man-in-the-middle scenario?

  • ICMP attack
  • DNS attack
  • DHCP attack (correct)
  • HTTP or HTTPS attack
What error might a network administrator receive when attempting to overwrite existing Manager ACL commands?

  • ACL does not exist
  • ACL already exists (correct)
  • ACL is corrupted
  • ACL requires confirmation
In which direction was the standard ACL applied on interface serial 0/0/0 in the exhibit?

    Outbound direction

    What type of response does the target host send during a TCP SYN flood attack?

    TCP-SYN-ACK

    Which component can a cybercriminal manipulate to intercept data in a man-in-the-middle attack?

    Gateway settings

    What type of security threat does the scenario of a person calling to confirm a username and password for auditing purposes represent?

    Social engineering

    Why are DDoS attacks, spam, and keylogging not examples of social engineering?

    They rely on exploiting human psychology

    In security attacks, how are zombies typically utilized?

    Carrying out distributed denial of service (DDoS) attacks

    Which security attack technique involves threat actors intercepting and controlling communication between a source and destination?

    Man-in-the-middle (MitM) attack

    What distinguishes social engineering from DDoS attacks and spam?

    Relies on manipulating human behavior

    Which of the following is an example of social engineering?

    Gaining passwords through personal interaction

    What is the term used to describe the same pre-shared key or secret key, known by both the sender and receiver to encrypt and decrypt data?

    Symmetric encryption

    Inbound ACLs must be __________ before they are processed.

    Routed

    When applying an extended ACL to an interface on a router, why would the 'ip access-group 101 in' configuration option be used?

    To secure management traffic into the router

    When would a technician use the 'access-class 20' command in configuration?

    To secure administrative access to the router

    In which type of attack is falsified information used to redirect users to malicious Internet sites?

    DNS cache poisoning

    What is the best ACL type and placement to use when an employee's internet privileges are revoked but still needs access to company resources?

    Standard ACL inbound on R1 G0/0

    What is a primary feature of an Intrusion Prevention System (IPS)?

    It can stop malicious packets

    What is the implicit action of both named and numbered ACLs?

    Deny all traffic

    What term is used to describe a potential danger to a company's assets, data, or network functionality?

    Threat

    Which statement about ACLs is true?

    Numbered ACLs permit or deny based on source IPv4 address only

    In what direction would an extended ACL typically be applied on a router interface if it needs to filter incoming traffic?

    Inbound

    What is the main purpose of using ARP cache poisoning in a network attack?

    Redirecting users to malicious sites

    What does a standard access list filter on?

    Source IP address

    In the second scenario, which command is used to deny traffic from the 172.16.0.0/16 network?

    Router(config)# access-list 95 deny 172.16.0.0 255.255.0.0

    Which ACL command should be used to permit all other traffic in the second scenario?

    Router(config)# access-list 95 permit any

    What was the intention of the ACL configured on R1 in the third scenario?

    Deny all traffic from subnet 172.16.4.0/24 into subnet 172.16.3.0/24

    On which interface was the standard ACL applied in the third scenario?

    FastEthernet interface Fa0/0

    Which of the following commands is NOT used to specify a range of IP addresses in an ACL?

    Router(config)# access-list 95 deny 172.16.0.0 255.255.0.0

    Study Notes

    Standard Access Lists (ACLs)

    • Standard ACLs only filter on the source IP address.
    • To deny traffic from a specific network, use the access-list command with the deny keyword followed by the network address and subnet mask.
    • To permit all other traffic, use the access-list command with the permit keyword and the any keyword.

    Access List Configuration

    • When applying an ACL to an interface, the direction of the ACL is important (inbound or outbound).
    • The ACL is applied to the interface using the ip access-group command.

    Security Threats

    • TCP SYN flood attack: a cybercriminal sends a continuous flood of TCP SYN session requests to a target host, overwhelming it with half-open TCP connections.
    • Man-in-the-middle attack: a cybercriminal provides an invalid gateway to intercept data.
    • Social engineering: an attacker tries to gain the confidence of an employee to obtain sensitive information.
    • Zombies: infected machines that carry out a DDoS attack.

    ACL Types and Placement

    • Standard ACLs: permit or deny packets based on the source IPv4 address.
    • Extended ACLs: permit or deny packets based on source and destination IP addresses, ports, and protocols.
    • Placement of ACLs depends on the desired traffic control (inbound or outbound).

    Network Security

    • IPS (Intrusion Prevention System): identifies and stops malicious packets.
    • Threat: a potential danger to a company's assets, data, or network functionality.
    • Vulnerability: a weakness in a system that can be exploited by an attacker.
    • Exploit: a piece of code or a program that takes advantage of a vulnerability.

    ACL Commands

    • access-list: used to create a new ACL or add to an existing one.
    • access-class: used to secure administrative access to the router.
    • ip access-group: used to apply an ACL to an interface.
    • ip access-group in: used to apply an ACL to an interface in the inbound direction.

    Quiz Team

    Description

    Test your knowledge on security threats and identify the type of threat represented by a phone call requesting username and password verification for auditing purposes. Learn about social engineering tactics used to gain confidential information. Explore the dangers of divulging sensitive information over the phone.
