Which resource would mitigate piggybacking and tailgating? security guard camera "no trespassing" warnings badge/card access Explanation & Hint: An access control vestibule is an example of a preventive security control.…
Which two access control options are commonly used in conjunction with access control vestibules? (Choose two.) proximity card and PIN turnstile security guard toll collector biometric scan Explanation & Hint:…
What two physical attacks are mitigated by using access control vestibules? (Choose two.) shoulder surfing dumpster diving tailgating badge cloning piggybacking Explanation & Hint: Piggybacking and tailgating can be defeated…
Which Apple iOS and Android tool can be used to spoof a phone number? SpoofApp Nessus Asterisk BeEF Explanation & Hint: Several call spoofing tools can be used in social…
Which tool provides a threat actor a web console to manipulate users who are victims of cross-site scripting (XSS) attacks? Asterisk SET BeEF Nikto Explanation & Hint: Browser Exploitation Framework…
Which social engineering physical attack statement is correct? In the tailgating attack, an unauthorized person tags along with an authorized person to gain entry to a restricted area with the…
A threat actor has sent a phishing email to a victim stating that suspicious activity has been detected on their bank account and that they must immediately click on a…
Apple is a company constantly working towards making its products and processes more environmentally friendly. Therefore, the Apple brand is associated with ideals and values that customers can relate to…
A salesperson is attempting to convince a customer to buy a product because limited supplies are available. Which social engineering method of influence is being used by the salesperson? social…
What method of influence is characterized when a celebrity endorses a product on social media? social proof scarcity authority fear Explanation & Hint: Social proof is a method of influence…
Which option is a voice over IP management tool that can be used to impersonate caller ID? SpoofCard Asterisk SpoofApp Nikto Explanation & Hint: Several call spoofing tools can be…
Why would a threat actor use the Social-Engineering Toolkit (SET)? to send a spear phishing email to spoof a phone number to manipulate users by leveraging XSS vulnerabilities to practice…
A threat actor has altered the host file for a commonly accessed website on the computer of a victim. Now when the user clicks on the website link, they are…
What is the act of gaining knowledge or information from a victim without directly asking for that particular information? influence elicitation interrogation impersonation Explanation & Hint: Elicitation is the act…
What is a watering hole attack? an attack carried out in a phone conversation an attack targeted at high-profile business executives and key individuals in a company an attack that…
What type of threat allows an attacker to obtain the credentials of a bank client by spoofing the login webpage of a financial institution? piggybacking vishing whaling malvertising Explanation &…
What command will prevent all unencrypted passwords from displaying in plain text in a configuration file? (config)# enable password secret (config)# enable secret Secret_Password (config-line)# password secret (config)# service password-encryption…
A networking technician is working on the wireless network at a medical clinic. The technician accidentally sets up the wireless network so that patients can see the medical records data…
What guidance does the NIST Cybersecurity Framework provide to help improve an organization's cybersecurity posture? The framework outlines standards and industry best practices. The framework provides a global consolidation of…
What is the advantage of using the target Wi-Fi network for reconnaissance packet inspection? Physical access to the building may not be required. The packet scan takes less time wirelessly…