Ethical Hacking Exam: Social Engineering and Physical Security, Exams of Nursing

An ethical hacking module 3 exam with complete solutions, focusing on social engineering tactics and physical security measures. It covers topics such as pretexting, elicitation, and physical access controls, providing a comprehensive review of key concepts in ethical hacking. The exam questions address various aspects of social engineering, including identifying different types of attacks, understanding attacker motivations, and implementing security measures to prevent unauthorized access. Additionally, the exam explores physical security practices, such as implementing emergency lighting, using closed-circuit television, and understanding physical barriers. This resource is valuable for students and professionals seeking to enhance their knowledge of ethical hacking and security.

Typology: Exams

2024/2025

Available from 07/15/2025

michael-abonyo
michael-abonyo 🇺🇸

202 documents

1 / 8

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Ethical Hacking Module 3 exam with
complete solution
Social engineers are master manipulators. Which of the following are tactics they
might use?
Eavesdropping, ignorance, and threatening
Keylogging, shoulder surfing, and moral obligation
Shoulder surfing, eavesdropping, and keylogging
Moral obligation, ignorance, and threatening - ANSWER-Moral obligation,
ignorance, and threatening
Which of the following best describes a script kiddie?
A hacker whose main purpose is to draw attention to their political views
A hacker who uses scripts written by much more talented individuals
A hacker willing to take more risks because the payoff is a lot higher
A hacker who helps companies see the vulnerabilities in their security - ANSWER-
A hacker who uses scripts written by much more talented individuals
Any attack involving human interaction of some kind is referred to as:
Social engineering
An opportunistic attack
Attacker manipulation
A white hat hacker - ANSWER-Social engineering
pf3
pf4
pf5
pf8

Partial preview of the text

Download Ethical Hacking Exam: Social Engineering and Physical Security and more Exams Nursing in PDF only on Docsity!

Ethical Hacking Module 3 exam with

complete solution

Social engineers are master manipulators. Which of the following are tactics they might use? Eavesdropping, ignorance, and threatening Keylogging, shoulder surfing, and moral obligation Shoulder surfing, eavesdropping, and keylogging Moral obligation, ignorance, and threatening - ANSWER-Moral obligation, ignorance, and threatening Which of the following best describes a script kiddie? A hacker whose main purpose is to draw attention to their political views A hacker who uses scripts written by much more talented individuals A hacker willing to take more risks because the payoff is a lot higher A hacker who helps companies see the vulnerabilities in their security - ANSWER- A hacker who uses scripts written by much more talented individuals Any attack involving human interaction of some kind is referred to as: Social engineering An opportunistic attack Attacker manipulation A white hat hacker - ANSWER-Social engineering

Using a fictitious scenario to persuade someone to perform an action or give information they aren't authorized to share is called: Pretexting Footprinting Impersonation Preloading - ANSWER-Pretexting Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in? Development phase Elicitation phase Research phase Exploitation phase - ANSWER-Development phase You are instant messaging a coworker, and you get a malicious link. Which type of social engineering attack is this? Spam Hoax Surf Spim - ANSWER-Spim Brandon is helping Fred with his computer. He needs Fred to enter his username and password into the system. Fred enters the username and password while Brandon is watching him. Brandon explains to Fred that it is not a good idea to allow anyone to watch you type in usernames or passwords. Which type of social engineering attack is Fred referring to? Spam and spim

Feigning ignorance Host file modification DNS cache poisoning Social networking - ANSWER-DNS cache poisoning An attack that targets senior executives and high-profile victims is referred to as: Pharming Scrubbing Vishing Whaling - ANSWER-Whaling You are a security consultant and have been hired to evaluate an organization's physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to the locked door in the reception area. She uses an iPad application to log any security events that may occur. She also uses her iPad to complete work tasks as assigned by the organization's CEO. What could you do to add an additional layer of security to this organization? Require users to use workstation screensaver passwords Train the receptionist to keep her iPad in a locked drawer Move the receptionist's desk into the secured area Replace the biometric locks with smart cards - ANSWER-Train the receptionist to keep her iPad in a locked drawer While reviewing video files from your organization's security cameras, you notice a suspicious person using piggybacking to gain access to your building. The individual in question did not have a security badge. Which of the following would you most likely implement to keep this from happening in the future? Anti-passback

Scrubbing Cable locks Mantraps - ANSWER-Mantraps Implementing emergency lighting that runs on protected power and automatically switches on when the main power goes off is part of which physical control? Physical access controls Perimeter barriers Physical access logs Employee and visitor safety - ANSWER-Employee and visitor safety Closed-circuit television can be used as both a preventative tool (to monitor live events) or as an investigative tool (to record events for later playback). Which camera is more vandal-resistant than other cameras? A Pan Tilt Zoom camera A bullet camera A dome camera A c-mount camera - ANSWER-A dome camera Important aspects of physical security include which of the following? Implementing adequate lighting in parking lots and around employee entrances Influencing the target's thoughts, opinions, and emotions before something happens Preventing interruptions of computer services caused by problems such as fire Identifying what was broken into, what is missing, and the extent of the damage - ANSWER-Preventing interruptions of computer services caused by problems such as fire What are the three factors to keep in mind with physical security?

NIST

NVD

JPCERT

CAPEC - ANSWER-NIST

Which type of attack involves changing the boot order on a PC so that the hacker can gain access to the computer by bypassing the install operating system? Physical attack Opportunistic attack Man-made attack Environmental attack - ANSWER-Physical attack You have implemented a regular backup schedule for a Windows system, backing up data files every night and creating a system image backup once per week. For security reasons, your company has decided not to store a redundant copy of the backup media at an off-site location. Which of the following would be the best backup and storage option? Use incremental backups and store them in a drawer in your office Use incremental backups and store them in a locked fireproof safe Use differential backups and store them in a locked room Use differential backups and store them on a shelf next to the backup device - ANSWER-Use incremental backups and store them in a locked fireproof safe You are in the process of implementing policies and procedures that require employee identification. You observe employees holding a secure door for others to pass through. Which of the following training sessions should you implement to help prevent this in the future? Why employees should wear their badge at all times How to prevent piggybacking and tailgating Why employees should never share their ID badge with anyone

What to do if you encounter a person without a badge - ANSWER-How to prevent piggybacking and tailgating You have a set of DVD-RW discs that were used to archive files from your latest project. You need to prevent the sensitive information on the discs from being compromised. Which of the following methods should you use to destroy the data? Write junk data on the discs Degauss the discs Delete the data on the discs Shred the discs - ANSWER-Shred the discs Which of the following best describes a physical barrier used to deter an aggressive intruder? Anti-passback system Double-entry doors Large flowerpots Alarmed carrier PDS - ANSWER-Large flowerpots Joe, a bookkeeper, works in a cubicle environment and is often called away from his desk. Joe doesn't want to sign out of his computer each time he leaves. Which of the following is the best solutions for securing Joe's workstation? Configure the screen saver to require a password Apply multifactor authentication on his computer Set a strong password, that require special characters Change the default account names and passwords - ANSWER-Configure the screen saver to require a password