Social engineering attack - Study guides, Class notes & Summaries

CEH Exam Study Questions with Correct Answers WPA2 uses AES for wireless data encryption at which of the following encryption levels? - Answer-128 bit and CCMP What is the best description of SQL Injection? - Answer-It is an attack used to gain unauthorized access to a database. The tester has been hired to do a web application security test. But after notices that the site is dynamic and must make use of a backend database. In order for the tester to see if SQL injection as possible, ...

Network Pro Chapter 12 Test Questions with Answers What is the definition of any attack involving human interaction of some kind? - Answer-Social Engineering Dumpster diving is a low-tech way of gathering information that may be useful for gaining unauthorized access or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving? - Answer-Establish and enforce a document destruction policy. You have just received a generic-looking email...

grants citizens the right to access certain information and records of the federal government upon request except for those by exemptions or exclusions. FOIA (Freedom of Information Act) mandates certain practices for financial record keeping SOX (Sarbanes-Oxley Act) Mandates govt agencies to protect information systems FISMA (Federal Information Security Management Act) protects the privacy of student education records FERPA (Family Educational Rights and Privacy Act) ...

How much security is enough? :~~ Just enough What is the role of the security professional? :~~ Advise, not decide, on security matters for the organization Define confidentiality :~~ Prevent unauthorized disclosure of data (privacy, security) Define integrity :~~ Prevent/detect unauthorized modification of data Define availability :~~ Ensure timely access to resources What is the opposite of confidentiality? :~~ Disclosure of data What is the opposite of integrity? 2 | P a g ...

Ack Piggybacking - The Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - Outside attack from network Outsider attack from telephone Insider attack from local network i...

GIAC EXAM WITH COMPLETE QUESTIONS AND ANSWERS LATEST 2024/2025 || GRADED A+. Ack Piggybacking - ANSWER The Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - ANSWER Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - ANSWE...

CEH v11 Questions and Answers | Latest Update | 2024/2025 | 100% Pass What is the primary goal of ethical hacking? The primary goal of ethical hacking is to identify vulnerabilities in systems and networks to enhance security before malicious attackers can exploit them. What are the phases of a penetration test? The phases include planning, reconnaissance, scanning, gaining access, maintaining access, and analysis. What is the difference between vulnerability assessment and pen...

What is an APT? CORRECT ANSWER Advanced Persistent Threat True or false? Data exfiltration is always the last stage in a typical kill chain. CORRECT ANSWER False - the attacker may maintain access or retreat (and attempt to destroy any evidence that the attack took place). Which of the following is used to perform "Google Hacking"? CORRECT ANSWER "Google Hacking" refers to using search phrases to identify vulnerable services and devices on the web. What is OSINT? CORRECT ANSWER Open...

bounds checking - CORRECT ANSWER-to set a limit on the amount of data we expect to receive to set aside storage for that data *required in most programming languages * prevents buffer overflows race conditions - CORRECT ANSWER-A type of software development vulnerability that occurs when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions...

CEH Final I Questions and Answers | Latest Update | 2024/2025 | Rated A+ Which of the following is a type of malware that encrypts files and demands ransom? A) Trojan B) Virus C) Ransomware D) Worm C) Ransomware What does the acronym "VPN" stand for? A) Virtual Private Network B) Variable Protocol Network C) Verified Public Network D) Virtual Public Node A) Virtual Private Network What is the role of a firewall in network security? A) To enhance user experience 2 B...