MIS399 Chapter 4 (Quiz 2)

  1. A user receives an e-mail warning of a dangerous computer virus and instructing the user to delete files it claims were put there by the virus. However, the files are actually critical system files. Which term describes this scenario?   A hoax
  2. Dumpster diving occurs when a hacker gains access to a computer and tries to recover files from the recycle bin in the hopes of finding privileged information.  False
  3. Phishing is the most common form of social engineering attack related to computer security.  True
  4. Setting up a rogue access point is a good way to prevent social engineering attacks.  False
  5. Shoulder surfing occurs when the attacker simply looks over the shoulder of a user at work, watching as a coworker enters their password.  True
  6. The only means of social engineering is through direct contact between the target and the attacker.  False
  7. Voice communication caller ID systems can be spoofed.  True
  8. What activity is most effective for encouraging an awareness of issues such as social engineering and good security habits in employees?   Providing training
  9. What common password character combinations do users tend to use when creating passwords?   Names of family, pets, or teams
  10. What is a paradox of social engineering attacks?  People are not only the biggest problem and security risk but also the best tool in defending against an attack.
  11. Which statement accurately describes how pharming is accomplished?  The user is directed to a fake web site as a result of modification of local host files, which are used to convert URLs to the appropriate IP address.
  12. Which statement describes an example of a poor security practice?  An employee creates a good password and then uses it for all accounts.
  13. Which statement describes how an attacker can open up a backdoor?   A user can install an unsecured wireless access point so that they can access the organization’s network from many different areas.
  14. Which statement describes how dumpster diving is accomplished?   An attacker attempts to find little bits of information that could be useful for an attack in a target's trash can.
  15. Which statement describes how reverse social engineering is accomplished?   An attacker tries to convince the target to initiate contact and then gets the target to give up confidential information.
  16. Which statement describes how shoulder surfing is accomplished?  An attacker directly observes the target entering sensitive information on a form, keypad, or keyboard.
  17. Which statement describes the security risk of installing games on an organization’s system?  The software may contain a piece of malicious code capable of opening a backdoor.
  18. Which statement describes why social engineering is successful?  People have a basic desire to be helpful.
  19. Which statement explains why vishing is successful?  Vishing is successful because of the trust that individuals place in the telephone system.
  20. Which statement identifies a good first step for companies to take to fight potential social engineering attacks?   Establish policies and procedures dictating the roles and responsibilities of all users, as well as security administrators.
