Chapter 2
True/False
Indicate whether the statement is true or false.
1. Reconnaissance is not by definition illegal, and many reconnaissance techniques are completely legal.
2. The strongest link in any security scheme is the user.
3. Most social engineering attacks are opportunistic: the hacker uses whatever technique he or she thinks fits the
situation.
4. Breaking CD-ROMs is sufficient to destroy their data, as data cannot be recovered from broken disks.
5. Internet footprinting is a technical method of reconnaissance, which interests budding hackers and network security
specialists alike.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
1. ____ uses influence and persuasion to deceive people by convincing them that the social engineer is someone he isn’t,
or by manipulation.
a.
Network enumeration
c.
Social enumeration
b.
Network penetration
d.
Social engineering
2. ____ is a method of achieving access to information by actually joining the organization as an employee or a
consultant.
a.
Deception
c.
Impersonation
b.
Bribery
d.
Conformity
3. With ____, a user is tricked into giving private information about his or her account with a known large organization.
a.
conformity
c.
deception
b.
phishing
d.
pharming
4. Newsgroups are part of an online bulletin board system called ____, which contains groups covering a huge variety of
subjects.
a.
GROUPS
c.
USENET
b.
ARPANET
d.
NEWSNET
5. ____ is an Internet tool that aids in retrieving domain namespecific information from the NSI Registrar database.
a.
WHOIS
c.
DNS
b.
Locate
d.
Whereis
Completion
Complete each statement.
1. ____________________ is the act of locating targets and developing the methods necessary to attack those targets
successfully.
2. ____________________ is the process of identifying domain names as well as other resources on the target network.
3. ____________________ is a DNS feature that lets a DNS server update its database with the list of domain names in
another DNS server.
4. There are two ping utilities available for a Linux or Unix machine: ping and ____________________.
5. The Linux command ____________________ shows you where the files appear in your PATH.
Short Answer
1. Describe some legal reconnaissance activities.
2. Describe some illegal reconnaissance activities.
3. Describe conformity as a social engineering technique.
4. Describe physical intrusion as a social engineering technique.
5. What is the importance of proper discarding of refuse?