




SY304 EXAM WITH COMPLETE SOLUTIONS 100% VERIFIED!!
Typology: Exams
What is social engineering - ANSWER The process of deceiving people into giving away access to confidential information
What are the 6 parts of the ontological model of Social Engineering? - ANSWER Goal, Medium, Compliance Principles, Target, Social Engineer, Techniques.
Name 3 types of Social Engineering - ANSWER Phishing, Shoulder surfing, Piggybacking.
What is the weakest factor in Social Engineering? - ANSWER The human element.
Name 3 principles that victims respond to in Social Engineering. - ANSWER Herd, Authority, Kindness
Technocratic Dominance is asymmetry used to place the target in a less powerful position. - ANSWER True
What revolutionized social engineering by inverting the social hierarchy? - ANSWER Phreakers
Occurs when one group enjoys a significant knowledge advantage over another: - ANSWER Epistemic Asymmetry
Social Engineering is viewed as offense today - ANSWER False
What is an Online Social Network (OSN)? Provide a danger example. - ANSWER A platform for social interaction online. Danger example: Personal info exposure and identity theft.
How many categories of threat exist for OSNs? - ANSWER 4
Which are Classic Threat examples for OSN? - ANSWER Malware, Clickjacking, De-anonymizing Attack, Facial Recognition.
Multi-Factor Authentication can help prevent social bots. - ANSWER True
Which is NOT a privacy protection method? - ANSWER Click on ads for protection on the network.
Which best describes impersonation? - ANSWER Pretending to be a trusted individual to gain sensitive information.
Common goal of impersonation? - ANSWER To trick someone into revealing confidential information.
Impersonators are LEAST likely to pose as: - ANSWER A social media commenter.
Impersonation exploits trust and authority. - ANSWER True
Impersonation only occurs online. - ANSWER False
What is tailgating? - ANSWER Gaining access by following an authorized person.
Difference from piggybacking? - ANSWER Piggybacking — authorized user is aware.
Hardware solution to tailgating? - ANSWER Man traps.
Major Dark Web marketplace taken down in 2013? - ANSWER Silk Road.
Another Dark Web network besides Tor? - ANSWER I2P
Why do many online accounts remain vulnerable even though users are encouraged to create strong passwords - ANSWER Users don't generally understand how to judge the strength of a password
What was a key finding of the Audit Commission's 2001 IT abuse survey - ANSWER A significant portion of abuse was due to lack of security awareness and training
According to Furnell, in Internet Explorer's security settings, many users struggled to understand which concept - ANSWER Content zones like Trusted sites and Restricted sites
According to Ashden et al 2008, what is a critical human factor that individuals bring into an organization beyond their work role. - ANSWER their personal and social identities
Information Security management focuses only on technical solutions and does not require attention to human factors like organizational culture or communicator - ANSWER False
Which of the following is NOT one of the three reverse social engineering attacks presented by Irani et al. (2011) - ANSWER Sybil-Based RSE
Which is NOT an advantage of an automated social engineering attack? (Kaul and Sharme) - ANSWER Minimize human error by attackers
What kind of attack breaks and manipulates the trust mechanism behind peer-to-peer systems [Jhaveriet et al 2014] - ANSWER Sybil attack
In what two ways can Reverse Social Engineering attacks be classified? - ANSWER Targeted/Untargeted and Direct/Mediated
Which RSE method is used when an attacker visits a victim's online profile in hopes that this activity piques the interest of the victim enough to initiate contact. - ANSWER Visitor Tracking Based RSE
Which of the following is not a type of lock pick? - ANSWER Triangle Pick
How do traditional key locks work - ANSWER The key raises a series of pins to the correct height, based on the shape of the key, and unlocks the lock
There is a lock that is unpickable - ANSWER False
Which of the following is not a part of a lock - ANSWER Compressor
The DoD authorizes the use of locks that meet federal specifications FF-L-2740 to safeguard classified or sensitive information - ANSWER True
What is the primary goal of a phishing attack? - ANSWER To gain unauthorized access to sensitive information
Which of the following is the best example of a phishing attack - ANSWER An email pretending to be from your employer asking for your login credentials
What is a characteristic of a spear-phishing attack - ANSWER it targets a specific individual or organization with personalized content
Which of the following practices can best help protect against phishing attacks - ANSWER Verifying suspicious emails from unknown senders
Ensure firewall use and computer use - ANSWER All in one security solutions Include firewall prompts that provide users with a mental model
What method was used to collect data from participants - ANSWER Interviews were conducted
Most participants were aware of the functionality of personal firewalls and their role in protecting computers - ANSWER False
How did investigators uncover Dread Pirate Roberts' real name, Ross Ulbricht - ANSWER By linking his Frosty allies to a Shroomery.org forum post that used his email with his name
How did law enforcement finally apprehend Ross Ulbricht (DPR) - ANSWER They waited in the Glen Park Branch Library until he logged into the Silk Road admin panel, then an undercover agent snatched his open laptop and he was immediately cuffed.
Silk Road could only be accessed via the Tor Network, and all transactions on the site were conducted using Bitcoin - ANSWER True
The assassination of Curtis Green ordered by Dread Pirate Roberts was a genuine killing - ANSWER False
As of January 2025, Ross Ulbricht is still serving his life sentence in prison - ANSWER False
Which one of the following is NOT a solution to using generative AI effectively and ethically during its early stages - ANSWER Remove transparency
What is the automation conundrum described by Endsley - ANSWER As autonomy and reliability increase, human operators' situation awareness decreases
What model does Endsley propose to help oversight in human-autonomy systems - ANSWER HASO - Human-Autonomy System Oversight Model
Which of the following is NOT listed as a major factor influencing trust in automation - ANSWER Operator Salary
Automation that supports situation awareness tends to reduce out-of-the-loop error more effectively than automation that makes decisions for humans - ANSWER True