Chapter 07: Pervasive Attack Surfaces and Controls

These flashcards cover key terms and concepts from Chapter 07 related to social engineering attacks, physical defenses, and data security measures.

Social Engineering

A means of eliciting information or convincing a user to take action that weakens security, often through deception.

Phishing

An attack method involving sending a fraudulent email to trick the user into providing sensitive information.

Human Vectors

Individuals who are exploited during social engineering attacks to breach security.

Misinformation

False or inaccurate information, often disseminated without malicious intent.

Pharming

A type of redirection attack where the user is directed to a fake website.

Dumpster Diving

Searching through trash to find useful information to aid in a social engineering attack.

Faraday Cage

A structure that blocks electromagnetic fields to protect sensitive data from interception.

Data Minimization

A principle of limiting data collection to only what is necessary for a specified purpose.

Two-Person Integrity

A security control that requires two personnel to be present for higher security measures.

Critical Data

Data that must be rigorously protected due to its crucial importance for business operations.