Educate employee on the risks and countermeasures Publish and also enforce plainly written defense policies

Users on her network report the they have received an email stating that the firm has just launched a new website. The email asks employee to click the website connect in the email and also log in utilizing their username and password. No one in your company has sent this email.

You are watching: What is the primary difference between impersonation and masquerading

What form of strike is this?


A an elderly executive reports that she obtained a suspiciously email worrying a sensitive, interior project the is behind production. The email is sent out from who she doesn’t know and he is questioning for instant clarification on number of of the project’s details for this reason the project have the right to get back on schedule.

Which form of an assault best explains the scenario?


Which of the following is a common kind of social design attack?

Hoax virus info e-mails

Which the the adhering to is not a type of social engineering?

Impersonating a user by logging on v stolen credentials

You have actually just got a generic-looking email that is addressed together coming native the administrator of your company.

See more: Wizards Of Waverly Place Season 2 Episode 17, Alex Does Good

The email states that as component of a mechanism upgrade, you room to go to a website and also enter her username and password at a new website so girlfriend can regulate your email and also spam utilizing the brand-new service.

What need to you do?

Verify the the email was sent out by the administrator and that this new service is legitimate

way right into the earlier entrance the the structure at job-related one morning, a male dressed together a plumber asks you come let the in so he deserve to "fix the restroom."

What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist

Dumpster diving is a low-tech way of gathering information that might be beneficial in obtaining unauthorized access, or as a starting point for more advanced attacks. How have the right to a company reduce the risk associated with dumpster diving?

Establish and also enforce a paper destruction policy

What is the primary difference in between impersonation and also masquerading?

One is more active, the other is more passive

An attacker sends an e-mail pretending to be from a reliable organization, asking customers to access a website come verify an individual information

one attacker gathers an individual information around the target individual, who is a CEO

one attacker gathers personal information around the target separation, personal, instance in one organization

one attacker searches through an organizations sensitive information

one attacker start a secured building by following an authorized employee v a certain door

an attacker supplies a telephone to to convince target individuals to disclose their credit transaction card information