CISSP-ISSMP · Question #158
Which of the following attacks can be mitigated by providing proper training to the employees in an organization?
The correct answer is A. Social engineering. Proper user training is an effective way of mitigating social engineering attacks. Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords. This information is further exploited by hackers to gain access t
Question
Which of the following attacks can be mitigated by providing proper training to the employees in an organization?
Options
- ASocial engineering
- BSmurf
- CDenial-of-Service
- DMan-in-the-middle
How the community answered
(23 responses)- A87% (20)
- C4% (1)
- D9% (2)
Explanation
Proper user training is an effective way of mitigating social engineering attacks. Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords. This information is further exploited by hackers to gain access to a user's computer or network. This method involves mental ability of the people to trick someone rather than their technical skills. A user should always distrust people who ask him for his account name or password, computer name, IP address, employee ID, or other information that can be misused. Answer option D is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. The intermediary software or program allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client. Answer option C is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as network saturation attack or bandwidth consumption attack. Attackers make DoS attacks by sending a large number of protocol packets to a network. Answer option B is incorrect. In a smurf attack, the attacker sends a large number of ICMP echo requests at IP broadcast addresses using a fake source address. These requests appear to be coming from the victim's network address. Therefore, every computer within the broadcast domain starts sending responses to the victim. As a result, the victim's computer is flooded with
Topics
Community Discussion
No community discussion yet for this question.