Module 4 Footprinting and Social Engineering
questions with accurate answers
__________is one of the components most vulnerable to network
attacks. Ans✓✓✓DNS
A cookie can store information about a website's visitors Ans✓✓✓True
Before conducting a security test by using social-engineering tactics,
what should you do? Ans✓✓✓Get written permission from the person
who hired you to conduct the security test.
CIS Control 10 Ans✓✓✓Malware Defense
CIS Control 14 Ans✓✓✓Awareness Training
CIS Control 9 Ans✓✓✓Email
DNS
Email Server Anti-Malware
CNAME record Ans✓✓✓A Canonical Name record within DNS, used
to provide an alias for a domain name.
competitive intelligence Ans✓✓✓Gaining information about one's
competitors' activities so that you can anticipate their moves and react
appropriately
, cookie Ans✓✓✓A small text file that a web server stores on your
computer.
Cookie Ans✓✓✓A text file containing a message sent from a web
server to a user's web browser to be used later when the user revisits the
website.
dig (tool) Ans✓✓✓Querying a command-line tool the Domain Name
System (DNS)
DKIM (DomainKeys Identified Mail) Ans✓✓✓Is a protocol that allows
an organization to take responsibility for transmitting a message by
signing it in a way that mailbox providers can verify
DNS PTR record Ans✓✓✓Pointer:
-maps IP address to hostname
dumpster diving Ans✓✓✓Involves digging through trash receptacles to
find computer manuals, printouts, or password lists that have been
thrown away
Elicitation Ans✓✓✓Attacker extracts the information from the victim
without asking direct questions. Attack asks open-ended questions and
then keeps narrowing them to the point that the victim reveals the
questions with accurate answers
__________is one of the components most vulnerable to network
attacks. Ans✓✓✓DNS
A cookie can store information about a website's visitors Ans✓✓✓True
Before conducting a security test by using social-engineering tactics,
what should you do? Ans✓✓✓Get written permission from the person
who hired you to conduct the security test.
CIS Control 10 Ans✓✓✓Malware Defense
CIS Control 14 Ans✓✓✓Awareness Training
CIS Control 9 Ans✓✓✓Email
DNS
Email Server Anti-Malware
CNAME record Ans✓✓✓A Canonical Name record within DNS, used
to provide an alias for a domain name.
competitive intelligence Ans✓✓✓Gaining information about one's
competitors' activities so that you can anticipate their moves and react
appropriately
, cookie Ans✓✓✓A small text file that a web server stores on your
computer.
Cookie Ans✓✓✓A text file containing a message sent from a web
server to a user's web browser to be used later when the user revisits the
website.
dig (tool) Ans✓✓✓Querying a command-line tool the Domain Name
System (DNS)
DKIM (DomainKeys Identified Mail) Ans✓✓✓Is a protocol that allows
an organization to take responsibility for transmitting a message by
signing it in a way that mailbox providers can verify
DNS PTR record Ans✓✓✓Pointer:
-maps IP address to hostname
dumpster diving Ans✓✓✓Involves digging through trash receptacles to
find computer manuals, printouts, or password lists that have been
thrown away
Elicitation Ans✓✓✓Attacker extracts the information from the victim
without asking direct questions. Attack asks open-ended questions and
then keeps narrowing them to the point that the victim reveals the
