Kindle Notes & Highlights
Remember this: A social engineer can gain unauthorized information just by looking over someone’s shoulder. This might be in person, such as when a user is at a computer, or remotely using a camera. Screen filters help prevent shoulder surfing by obscuring the view for people unless they are directly in front of the monitor.
A hoax is a message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn’t exist.
Tailgating is the practice of one person following closely behind another without showing credentials.
guards. A simple mantrap can be a turnstile like those used in subways or bus stations.
Dumpster diving is the practice of searching through trash or recycling containers to gain information from discarded documents.
Remember this: Dumpster divers search through trash looking for information. Shredding or burning papers instead of throwing them away mitigates this threat.
A watering hole attack attempts to discover which web sites a group of people are likely to visit and then infects those web sites with malware that can infect the visitors.
Spam is unwanted or unsolicited email.
Phishing is the practice of sending email to users with the purpose of tricking them into revealing personal information or clicking on a link.
Remember this: Spam is unwanted email. Phishing is malicious spam. Attackers attempt to trick users into revealing sensitive or personal information or clicking on a link. Links within email can also lead unsuspecting users to install malware.
Spear phishing is a targeted form of phishing. Instead of sending the email out to everyone indiscriminately, a spear phishing attack attempts to target specific groups of users, or even a single user.
Whaling is a form of spear phishing that attempts to target high-level executives.
Remember this: A spear phishing attack targets specific groups of users. It could target employees within a company or customers of a company. Digital signatures provide assurances to recipients about who sent an email, and can reduce the success of spear phishing. Whaling targets high-level executives.
Vishing attacks use the phone system to trick users into giving up personal and financial information. It often uses Voice over IP (VoIP) technology.
Remember this: Vishing is a form of phishing that uses the phone system or VoIP. Some vishing attempts are fully automated. Others start automated but an attacker takes over at some point during the call.
Remember this: Antivirus software detects and removes malware, such as viruses, Trojans, and worms. Signature-based antivirus software detects known malware based on signature definitions. Heuristic-based software detects previously unknown malware based on behavior.
Data execution prevention (DEP) is a security feature that prevents code from executing in memory regions marked as nonexecutable.
Advanced Malware Protection (AMP)
The challenge with any spam filter is to only filter out spam, and never filter out actual email.
A zero-day vulnerability is a vulnerability or bug that is unknown to trusted sources, such as operating system and antivirus vendors.
Remember this: Educating users about new viruses, phishing attacks, and zero-day exploits helps prevent incidents. Zero-day exploits take advantage of vulnerabilities that aren’t known by trusted sources, such as operating system vendors and antivirus vendors.
Remember this: Social engineers are effective largely because they use psychology-based techniques to overcome users’ objections. Scarcity and urgency are two techniques that encourage immediate action.
B.
A.
C.
B.
C.
A.
B.
D.
B.
B.
B.
D.
A.
B.
D.
A denial-of-service (DoS) attack is an attack from one attacker against one target. A distributed denial-of-service (DDoS) attack is an attack from two or more computers against a single target.
Remember this: A denial-of-service (DoS) attack is an attack from a single source that attempts to disrupt the services provided by another system. A distributed denial-of-service (DDoS) attack includes multiple computers attacking a single target. DDoS attacks typically include sustained, abnormally high network traffic.
privilege escalation tactics that attackers often use. For example, attackers often use remote access Trojans (RATs) to gain access to a single system.
Spoofing occurs when one person or entity impersonates or masquerades as someone or something else.
However, it’s possible to use software methods to associate a different MAC address to the NIC in a MAC spoofing attack.
In an IP spoofing attack, the attacker changes the source address so that it looks like the IP packet originated from a different source.
Remember this: Spoofing attacks typically change data to impersonate another system or person. MAC spoofing attacks change the source MAC address and IP spoofing attacks change the source IP address.
servers on the Internet.
The SYN flood attack disrupts the TCP handshake process and can prevent legitimate clients from connecting.
A man-in-the-middle (MITM) attack is a form of active interception or active eavesdropping.
Address Resolution Protocol (ARP) poisoning is one way that an attacker can launch an MITM attack.
ARP poisoning is an attack that misleads computers or switches about the actual MAC address of a system.
Remember this: ARP poisoning attacks attempt to mislead systems about the actual MAC address of a system. ARP poisoning is sometimes used in man-in-the-middle attacks.