Ethical Hacking Module 3 exam with
complete solution
Social engineers are master manipulators. Which of the following are tactics they might
use?
Eavesdropping, ignorance, and threatening
Keylogging, shoulder surfing, and moral obligation
Shoulder surfing, eavesdropping, and keylogging
Moral obligation, ignorance, and threatening - ANSWER-Moral obligation, ignorance,
and threatening
Which of the following best describes a script kiddie?
A hacker whose main purpose is to draw attention to their political views
A hacker who uses scripts written by much more talented individuals
A hacker willing to take more risks because the payoff is a lot higher
A hacker who helps companies see the vulnerabilities in their security - ANSWER-A
hacker who uses scripts written by much more talented individuals
Any attack involving human interaction of some kind is referred to as:
Social engineering
An opportunistic attack
Attacker manipulation
A white hat hacker - ANSWER-Social engineering
Using a fictitious scenario to persuade someone to perform an action or give information
they aren't authorized to share is called:
Pretexting
Footprinting
Impersonation
, Preloading - ANSWER-Pretexting
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a
while. June, an administrative assistant at the law firm, is having lunch at the food court
around the corner from her office. Ron notices that June has a picture of a dog on her
phone. He casually walks by and starts a conversation about dogs. Which phase of the
social engineering process is Ron in?
Development phase
Elicitation phase
Research phase
Exploitation phase - ANSWER-Development phase
You are instant messaging a coworker, and you get a malicious link. Which type of
social engineering attack is this?
Spam
Hoax
Surf
Spim - ANSWER-Spim
Brandon is helping Fred with his computer. He needs Fred to enter his username and
password into the system. Fred enters the username and password while Brandon is
watching him. Brandon explains to Fred that it is not a good idea to allow anyone to
watch you type in usernames or passwords. Which type of social engineering attack is
Fred referring to?
Spam and spim
Shoulder surfing
Eavesdropping
Keyloggers - ANSWER-Shoulder surfing
Which of the following best describes an insider attacker?
A good guy who tries to help a company see their vulnerabilities
An agent who uses their technical knowledge to bypass security
An unintentional threat actor; the most common threat
An attacker with lots of resources and money at their disposal - ANSWER-An
unintentional threat actor; the most common threat
complete solution
Social engineers are master manipulators. Which of the following are tactics they might
use?
Eavesdropping, ignorance, and threatening
Keylogging, shoulder surfing, and moral obligation
Shoulder surfing, eavesdropping, and keylogging
Moral obligation, ignorance, and threatening - ANSWER-Moral obligation, ignorance,
and threatening
Which of the following best describes a script kiddie?
A hacker whose main purpose is to draw attention to their political views
A hacker who uses scripts written by much more talented individuals
A hacker willing to take more risks because the payoff is a lot higher
A hacker who helps companies see the vulnerabilities in their security - ANSWER-A
hacker who uses scripts written by much more talented individuals
Any attack involving human interaction of some kind is referred to as:
Social engineering
An opportunistic attack
Attacker manipulation
A white hat hacker - ANSWER-Social engineering
Using a fictitious scenario to persuade someone to perform an action or give information
they aren't authorized to share is called:
Pretexting
Footprinting
Impersonation
, Preloading - ANSWER-Pretexting
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a
while. June, an administrative assistant at the law firm, is having lunch at the food court
around the corner from her office. Ron notices that June has a picture of a dog on her
phone. He casually walks by and starts a conversation about dogs. Which phase of the
social engineering process is Ron in?
Development phase
Elicitation phase
Research phase
Exploitation phase - ANSWER-Development phase
You are instant messaging a coworker, and you get a malicious link. Which type of
social engineering attack is this?
Spam
Hoax
Surf
Spim - ANSWER-Spim
Brandon is helping Fred with his computer. He needs Fred to enter his username and
password into the system. Fred enters the username and password while Brandon is
watching him. Brandon explains to Fred that it is not a good idea to allow anyone to
watch you type in usernames or passwords. Which type of social engineering attack is
Fred referring to?
Spam and spim
Shoulder surfing
Eavesdropping
Keyloggers - ANSWER-Shoulder surfing
Which of the following best describes an insider attacker?
A good guy who tries to help a company see their vulnerabilities
An agent who uses their technical knowledge to bypass security
An unintentional threat actor; the most common threat
An attacker with lots of resources and money at their disposal - ANSWER-An
unintentional threat actor; the most common threat
