Dumpster diving - Study guides, Class notes & Summaries

Types of authentication credentials correct answers -Where you are: military base -What you have: key fob to lock your car -What you are: facial characteristics -What you know: combination to health club locker -What you do: do something to prove authenticity User logging in to a system correct answers -asked to identify himself (enter username) -asked to authenticate (enter password) Password correct answers -most common type of authentication -provide only weak protection -actio...

What is insurance coverage? Correct Answer-The amount your insurance company is willing to pay The dollar amount you have to pay before an insurance plan takes effect and the insurance company starts paying is the __________. Correct Answer-Deductible Which of the following things does the Affordable Care Act do? Correct Answer-Allows young adults to stay on their parents' insurance until the age of 26 What does COBRA status allow you to do? Correct Answer-Stay on your employer's insu...

Security+ Cert Exam Objectives SYO-601 (This is for the 2024 Security+ Exam) Good Luck!!

SYO 601 Questions and Answers Already Passed Usually when phishing, there is something ___ with the presented screen Not Quite Right A technique in phishing where the attacker misspells one letter in the URL hoping they won't notice Typosquatting In phishing, adding text at the beginning of the URL Prepending In phishing, lying to get info, such as pretending to be VISA Pretexting When an attacker wants to target multiple people or servers simultaneously Pharming With pharming, attacker ta...

CMIS 426 EXAM 1 QUESTIONS & ANSWERS 2024/2025 254 - ANSWERS 443 - ANSWERS-Secure Hypertext Transfer Protocol •Reserved for secure connections to a Web server black box - ANSWERSA model for penetration testing in which management doesn't divulge to IT security personnel that testing will be conducted or give the testing team a description of the network topology Certified Information Systems Security Professional (CISSP) - ANSWERSnon vendor specific certification issued by Inter...

When a penetration tester starts gathering details about employees, vendors, business processes, and physical security, which phase of testing are they in? Scanning Reconnaissance Covering tracks Gaining access Reconnaissance Which of the following elements of penetration testing includes the use of web surfing, social engineering, dumpster diving, and social networking? Information types Maintaining access Information gathering techniques Permission and documentation Information gathering te...

Phishing - Fraudulent attempt to obtain sensitive information or data, by disguising oneself as a trustworthy entity in an electronic communication. Smishing - When someone tries to trick you into giving them your private information via a text or SMS message. Vishing - Using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward Spam - Irrelevant or unsolicited messages sent to a large number of Interne...

Illegal gratuity - Items to reward a decision after the recipient made the decision. Like a bribe Extortion - getting money by threats Economic extortion - When employee demands money through threats Kickbacks - Improper undisclosed payments made to obtain favorable treatment Three ways to prove corrupt payments - 1. Turn an inside witness 2. Secretly infiltrate ongoing transactions 3. Identify and trace corrupt payments through audit trail Inventory shrinkage - Loss of inventory resultin...

GIAC EXAM WITH COMPLETE QUESTIONS AND ANSWERS LATEST 2024/2025 || GRADED A+ | 100% Verified. Address resolution protocol - ANSWER Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - ANSWER Outside attack from network Outsider attack from telephone Insider attack from local netwo...

What is access control? - Answer-authorized entities can use a system when they need to. How is policy related to access control? - Answer-Policy driven control of access to systems, data, and dialogues. Examples of access control include barriers, passwords, and bio-metrics. What is the role of authentication in access control? - Answer-Verification (or not) of an individual's claim (usually of identity). What is the role of authorization in access control? - Answer-An entity (via his/her...