Module 1 Quiz >>> Which of the following is not an example of social engineering >>> Enterprise and Infrastructure Security
Correct! Demanding billing information from your ISP seems like a perfectly reasonable activity, unless you are lying to get someone else’s information.
==================================
Correct! While having budget and time with the CEO are useful, spending time with staff explaining phishing attacks is the best choice listed.
==================================
Correct! All these listed situations are potentially exploited to make a phishing attack work.
==================================
Correct! Everyone needs security awareness information, even experts in the field.
==================================
Correct! While audits technically can help with almost anything, detection of gaps with respect to frameworks is the most likely helpful.
==================================
Correct! Each of these are benefits of using a GRC platform tool in the enterprise.
==================================
Correct! None of these statements are correct. Compliance and security complement one another.
==================================
Correct! Spear phishing targets specific people, usually high value individuals, or at least someone with access to reasonably valuable corporate information.
==================================
Correct! Security assessments do benefit from the presence of GRC programs and platforms.
==================================
Correct! NIST is a reputable organization with wide reach – and this is a major advantage of the standard.