ethical hacking Essentials (EHE) module5 QUESTIONS WITH ANSWERS

ethical hacking Essentials (EHE) module5 |\ |\ |\ |\




QUESTIONS WITH ANSWERS
|\ |\ |\




Familiarity - CORRECT ANSWERS ✔✔liking implies that people are
|\ |\ |\ |\ |\ |\ |\ |\


more likely to be persuaded to do something when they are
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


asked by someone whom they like. This indicates that people are
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


more likely to buy products if they are advertised by an admired
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


celebrity.


Scarcity - CORRECT ANSWERS ✔✔implies the state of being
|\ |\ |\ |\ |\ |\ |\ |\ |\


scarce. In the context of social engineering, scarcity often implies
|\ |\ |\ |\ |\ |\ |\ |\ |\


creating a feeling of urgency in a decision-making process. Due
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


to this urgency, attackers can control the information provided to
|\ |\ |\ |\ |\ |\ |\ |\ |\


victims and manipulate the decision-making process.
|\ |\ |\ |\ |\ |\




Intimidation - CORRECT ANSWERS ✔✔refers to an attempt to |\ |\ |\ |\ |\ |\ |\ |\ |\


intimidate a victim into taking several actions by using bullying
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


tactics. It is usually performed by impersonating some other
|\ |\ |\ |\ |\ |\ |\ |\ |\


person and manipulating users into disclosing sensitive
|\ |\ |\ |\ |\ |\ |\


information.


Authority - CORRECT ANSWERS ✔✔implies the right to exercise
|\ |\ |\ |\ |\ |\ |\ |\ |\


power in an organization. Attackers take advantage of this by
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


presenting themselves as a person of authority, such as a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


technician or an executive, in a target organization to steal
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


important data. |\

, John was eagerly waiting to buy a new Apple phone online that
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


was out of stock. An attacker took advantage of this situation and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


sent a phishing email to the target users, encouraging them to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


click on a link provided in the email to buy the product. John
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


clicked on the malicious link embedded in the email and was
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


redirected to the website controlled by the attacker. As a result,
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


John entered his bank account details on the attacker's website.
|\ |\ |\ |\ |\ |\ |\ |\ |\




Identify the social engineering context created by the attacker in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


the above scenario. - CORRECT ANSWERS ✔✔Scarcity
|\ |\ |\ |\ |\ |\




Select a target - CORRECT ANSWERS ✔✔After finishing their
|\ |\ |\ |\ |\ |\ |\ |\ |\


research, the attacker selects a target for extracting sensitive
|\ |\ |\ |\ |\ |\ |\ |\ |\


information about the organization. Usually, attackers try to |\ |\ |\ |\ |\ |\ |\ |\


reach out to disgruntled employees because they are easier to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\


manipulate.


Research the target company - CORRECT ANSWERS ✔✔Before |\ |\ |\ |\ |\ |\ |\ |\


attacking the target organization's network, an attacker gathers
|\ |\ |\ |\ |\ |\ |\ |\


enough information to infiltrate the system. Social engineering is
|\ |\ |\ |\ |\ |\ |\ |\ |\


one technique that helps in extracting information.
|\ |\ |\ |\ |\ |\




Develop a relationship - CORRECT ANSWERS ✔✔Once the target
|\ |\ |\ |\ |\ |\ |\ |\ |\


is set, the attacker builds a relationship with that employee to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\


accomplish their task. |\ |\




Exploit the relationship - CORRECT ANSWERS ✔✔The attacker
|\ |\ |\ |\ |\ |\ |\ |\


exploits the relationship and extracts sensitive information about
|\ |\ |\ |\ |\ |\ |\ |\


the organization's accounts, finance information, technologies in
|\ |\ |\ |\ |\ |\ |\


use, and upcoming plans.
|\ |\ |\