OPS-1 through OPS-10, OS-2, OS-3 went from 5 → 15. OS-1, OS-4 through OS-11, SEC-1 through SEC-11, TRB-1 through TRB-4 went from 7 → 15. Questions cover exam-weight scenarios not duplicated from original content. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
SEC-5 Quiz: Social Engineering and Attacks
Take this after studying notes/SEC-5-social-engineering-attacks.md.
Reply with answers like:
1B 2A 3D 4C 5B 6A 7D
Questions
1. A phishing attack sent by SMS text message is called:
A. Vishing
B. Whaling
C. Smishing
D. Shoulder surfing
2. A phishing attack targeted at a CEO is called:
A. Dumpster diving
B. Whaling
C. Tailgating
D. ARP poisoning
3. A fake Wi-Fi access point imitates a legitimate hotel network. What attack is this?
A. Dictionary attack
B. SQL injection
C. DLP
D. Evil twin
4. Which attack modifies database queries through unsafe user input?
A. XSS
B. DDoS
C. SQL injection
D. Shoulder surfing
5. Which attack injects malicious scripts that run in a user's browser?
A. APIPA
B. XSS
C. Kerberos
D. BitLocker
6. An attacker compromises a vendor software update trusted by customers. What attack type is this?
A. Piggybacking
B. Brute force
C. Vishing
D. Supply chain attack
7. Which attack uses many systems to overwhelm a service?
A. DDoS
B. Plaintext storage
C. Tailgating
D. SAML
8. A technician receives a call from someone claiming to be IT support asking for their password. What attack type is this?
A. Phishing
B. Vishing
C. SQL injection
D. Tailgating
9. An attacker follows an employee through a secure door without scanning their badge. What is this called?
A. Shoulder surfing
B. Tailgating
C. Whaling
D. Smishing
10. An attacker watches a user enter their PIN at an ATM by standing nearby. What attack is this?
A. Tailgating
B. Vishing
C. Shoulder surfing
D. Evil twin
11. An attacker searches through discarded printed documents to find sensitive information. What is this called?
A. Dumpster diving
B. Smishing
C. Watering hole attack
D. Shoulder surfing
12. Which attack floods a login page with many different password guesses automatically?
A. Shoulder surfing
B. Vishing
C. Brute force attack
D. Tailgating
13. An email appears to come from the CEO asking the CFO to wire money immediately. This targeted attack is called:
A. Smishing
B. Vishing
C. Whaling or Business Email Compromise (BEC)
D. Watering hole
14. An attacker compromises a popular developer tool website knowing IT professionals visit it. What attack type is this?
A. Vishing
B. Watering hole attack
C. Tailgating
D. Smishing
15. What is the best general defense against social engineering attacks?
A. Disable all email
B. Use only WEP
C. Security awareness training
D. Remove all firewalls
Answer Key For Instructor
1. C
2. B
3. D
4. C
5. B
6. D
7. A
8. B
9. B
10. C
11. A
12. C
13. C
14. B
15. C