EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

• Question 291:

  Jack Hackers wants to break into Brown's Computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co. pretending to be an administrator from Brown Co. Jack tell Jane that there has been a problem with some accounts and asks her to verify her password with him "just to double check our records". Jane does not suspect anything amiss and parts her password. Jack can now access Brown Co.'s computer with a valid username and password to steal the cookie recipe. What kind of attack is being illustrated here?

  A. Faking Identity

  B. Spoofing Identity

  C. Social Engineering

  D. Reverse Psychology

  E. Reverse Engineering

  Correct Answer: C

  Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.

• Question 292:

  Which of these are phases of a reverse social engineering attack? Select the best answers.

  A. Sabotage

  B. Assisting

  C. Deceiving

  D. Advertising

  E. Manipulating

  Correct Answer: ABD

  According to "Methods of Hacking: Social

  Engineering", by Rick Nelson, the three phases of reverse social engineering attacks are sabotage, advertising, and assisting.

• Question 293:

  Dave has been assigned to test the network security of Acme Corp. The test was announced to the employees. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a sand clock to mark the progress of the test. Dave successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?

  A. The attack did not fall through as the firewall blocked the traffic

  B. The attack was social engineering and the firewall did not detect it

  C. The attack was deception and security was not directly compromised

  D. Security was not compromised as the webpage was hosted internally

  Correct Answer: B

  This was just another way to trick the information out of the users without the need to hack into any systems. All traffic is outgoing and initiated by the user so the firewall will not react.

• Question 294:

  Sabotage, Advertising and Covering are the three stages of _____

  A. Social engineering

  B. Reverse Social Engineering

  C. Reverse Software Engineering

  D. Rapid Development Engineering

  Correct Answer: B

  Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker.

• Question 295:

  Which type of hacker represents the highest risk to your network?

  A. script kiddies

  B. grey hat hackers

  C. black hat hackers

  D. disgruntled employees

  Correct Answer: D

  The disgruntled users have some permission on your database, versus a hacker who might not get into the database. Global Crossings is a good example of how a disgruntled employee -- who took the internal payroll database home on a hard drive -- caused big problems for the telecommunications company. The employee posted the names, Social Security numbers and birthdates of company employees on his Web site. He may have been one of the factors that helped put them out of business.

• Question 296:

  A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider?

  A. The CEO of the company because he has access to all of the computer systems

  B. A government agency since they know the company computer system strengths and weaknesses

  C. Disgruntled employee, customers, suppliers, vendors, business partners, contractors, temps, and consultants

  D. A competitor to the company because they can directly benefit from the publicity generated by making such an attack

  Correct Answer: C

  An insider is anyone who already has an foot inside one way or another.

• Question 297:

  Study the following e-mail message. When the link in the message is clicked, it will take you to an address like: http://hacker.xsecurity.com/in.htm. Note that hacker.xsecurity.com is not an official SuperShopper site! What attack is depicted in the below e-mail?

  Dear SuperShopper valued member,

  Due to concerns, for the safety and integrity of the SuperShopper community we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof

  reports.

  If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to update your records will result to your account cancellation. This

  notification expires within 24 hours.

  Once you have updated your account records your SuperShopper will not be interrupted and will continue as normal.

  Please follow the link below and renew your account information.

  https://www.supershopper.com/cgi-bin/webscr?cmd=update-run

  SuperShopper Technical Support http://www.supershopper.com

  A. Phishing attack

  B. E-mail spoofing

  C. social engineering

  D. Man in the middle attack

  Correct Answer: A

  Phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well.

• Question 298:

  Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access

  card and follows him through the open door into the secure systems area.

  How would you describe Jason's behavior within a security context?

  A. Trailing

  B. Tailgating

  C. Swipe Gating

  D. Smooth Talking

  Correct Answer: B

  Tailgating, in which an unauthorized person follows someone with a pass into an office, is a very simple social engineering attack. The intruder opens the door, which the authorized user walks through, and then engages them in conversation about the weather or weekend sport while they walk past the reception area together.

• Question 299:

  Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

  A. issue special cards to access secured doors at the company and provide a one-time only brief description of use of the special card

  B. to post a sign that states "no tailgating" next to the special card reader adjacent to the secured door

  C. setup a mock video camera next to the special card reader adjacent to the secured door

  D. to educate all of the employees of the company on best security practices on a recurring basis

  Correct Answer: D

  Tailgating will not work in small company's where everyone knows everyone, and neither will it work in very large companies where everyone is required to swipe a card to pass, but it's a very simple and effective social engineering attack against mid-sized companies where it's common for one employee not to know everyone. There is two ways of stop this attack either by buying expensive perimeter defense in form of gates that only let on employee pass at every swipe of a card or by educating every employee on a recurring basis.

• Question 300:

  Within the context of Computer Security, which of the following statements best describe Social Engineering?

  A. Social Engineering is the act of publicly disclosing information.

  B. Social Engineering is the act of getting needed information from a person rather than breaking into a system.

  C. Social Engineering is the means put in place by human resource to perform time accounting.

  D. Social Engineering is a training program within sociology studies.

  Correct Answer: B

  Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.