Educate employees on the risks and countermeasures. Publish and enforce clearly written security policies.

Users on your network report that they have received an email stating that the company has just launched a new website. The email asks employees to click the website link in the email and log in using their username and password. No one in your company has sent this email.


What type of attack is this?


A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know, and he is asking for immediate clarification on several of the project's details so the project can get back on schedule.

Which type of attack best describes the scenario?


Which of the following is a common form of social engineering attack?

Hoax virus information e-mails

Which of the following is not a form of social engineering?

Impersonating a user by logging on with stolen credentials

You have just received a generic-looking email that is addressed as coming from the administrator of your company.


The email says that as part of a system upgrade, you are to go to a website and enter your username and password at a new website so you can manage your email and spam using the new service.

What should you do?

Verify that the email was sent by the administrator and that this new service is legitimate

On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom."

What should you do?

Direct him to the front entrance and instruct him to check in with the receptionist

Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?

Establish and enforce a document destruction policy

What is the primary difference between impersonation and masquerading?

One is more active, the other is more passive

An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information

An attacker gathers personal information about the target individual, who is a CEO

An attacker gathers personal information about the target individual in an organization

An attacker searches through an organization's sensitive information

An attacker enters a secured building by following an authorized employee through a secure door

An attacker uses a telephone to convince target individuals to reveal their credit card information