Exam 200-301 topic 1 question 1071 discussion

these exact questions come in the exam or are they just practice questions? and the same thign with labs?

social engineering attack : phoning > when someone calls you and pretend they are someone else phishing > ex : e-mail sent from the bank but in reality it's another website that wants to steal your credentials . Pharming: involves redirecting traffic from a legitimate website to a fraudulent one without the user's knowledge, which is more of a technical attack rather than social engineering.

D & E are correct Pharming: Pharming attacks redirect users from legitimate websites to fraudulent ones without their knowledge, typically by modifying the DNS settings or using malware. This can lead users to unknowingly enter their sensitive information into fake websites controlled by attackers. Phishing: Phishing attacks involve the use of fraudulent emails, messages, or websites to deceive individuals into providing sensitive information such as passwords, credit card numbers, or personal details.

a and e is correct b/c phoning is the same as vishing

Phishing is a common social engineering technique that threat actors use to send emails that appear to be from a legitimate organization (such as a bank). The goal is to get the victim to submit personal or sensitive information such as usernames, passwords, account information, financial information, and more. The email could also attempt to trick the recipient into installing malware on their device. Variations of phishing attacks include: Spear phishing Whaling Pharming Watering hole Vishing Smishing https://contenthub.netacad.com/legacy/CyberOps/1.1/en/index.html#6.2.2.7

D. pharming E. phishing

kennie is correct i believe they would have specifically called it Wishing

correct answer is DE. There's nothing like phoning. Its rather called Vishing.

The two types of attack that are categorized as social engineering are E. phishing and A. phoning. Phishing is a type of attack that involves sending fraudulent emails or messages that appear to come from a trusted source, with the goal of tricking the recipient into providing sensitive information or clicking on a malicious link. Phoning, also known as "vishing", is a social engineering attack that involves calling a victim on the phone and using various tactics to convince them to provide sensitive information or perform a specific action. Malvertising, probing, and pharming are not considered social engineering attacks. Malvertising is a type of attack where malicious advertisements are used to spread malware. Probing refers to the act of scanning a network or system for vulnerabilities or weaknesses. Pharming is a type of attack where a victim is redirected to a fake website in order to steal their personal information.

Answer is correct. DE, Pharming is like phishing in that it is a threat that tricks users into divulging private information, but instead of relying on email as the attack vector, pharming uses malicious code executed on the victim’s device to redirect to an attacker-controlled website. Because pharming runs code on the victim’s computer, the attacker does not rely on the targeted user clicking a link or replying to an email. Instead, the malicious code directs the targeted user to the attacker’s website, eliminating the extra step of a user clicking a link.