Teaching and Learning Activity

Module: Praxis S3A (HPXS301-1) (Ethical Hacking)

Week number (Date): 2 (2 March 2023)
Unit covered: Chapters 3 & 4

Instructions:

To enrich your learning experience at Boston even further, and to ensure that you are exposed to
a variety of resources in this module, announcements will be posted every week containing
additional materials or activities for you to work through.

It is important to note that these activities are neither compulsory nor weighted, but that it will be
to your advantage to participate. The purpose of the activities is to help you better understand the
content of your weekly unit/s of study, and it will assist in creating insight and deeper meaning.

This activity is based on Chapters 3 and 4 of the prescribed courseware for this module. The
suggested solutions for this activity will be posted on Thursday next week.

1. Which one of the following terms is described as “the systematic manipulation of a user to
gather information that can be used to hack into a system”?
A. Social elicitation
B. Human-Computer exposure
C. Social Engineering
D. Computer-based interaction
2. In your opinion, why is spamming not considered as a form of social engineering?

3. In the modern technology-driven world, information about a person seems to be available

everywhere. For example, after using an ATM, a user usually throws the receipt in which
the account details are mentioned. Such information becomes helpful to a hacker. Which

1 HPXS301-1-Jan-June2023-TL-W2-StM-V1-28022023
 one of the following Social engineering methods can a hacker use to access such
information about the user?
A. Pretexting
B. Baiting
C. Quid Pro Quo
D. Dumpster diving
4. In phishing, attackers target a certain medium to reach potential victims. Identify the
primary medium used in this form of social engineering.
A. Emails
B. WI-FI network
C. Operating systems
D. Surveillance camera
5. What is the major objective of threat modeling?
A. Identify the security strengths of the systems
B. Fix the security weaknesses of the system
C. Identify the security weaknesses of the system
D. Report on the security of the system
6. Piggybacking is the technique used for social engineering, as the attacker or unauthorized
person/individual follows behind an authorized person/employee and gains access to an
authorized area to observe the system, gain confidential data or for a fraudulent purpose.
Which one of the following is an alternative term for piggybacking?
A. Tailgating
B. Pretexting
C. Phishing
D. Baiting
7. What must happen in the security sequence when efforts to block initial access fail?
A. Deny direct physical access.
B. Detect the intrusion.
C. Record initial access attempts.
D. Delay the violator to allow for response.
8. From the following set of actions, identify one that exposes the hacker to the highest risk
of the hacker getting caught?
A. Passive information gathering
B. Active information gathering
C. Pen testing

2 HPXS301-1-Jan-June2023-TL-W2-StM-V1-28022023
 D. Foot printing
9. Reconnaissance countermeasures come in different forms. In what way can an organization
best counter-attacks from hackers through the DNS?
A. Patching
B. Replacement
C. Counter reconnaissance
D. White box testing
10. Select one statement that is closest to your definition of what the term "foot printing" means
A. Tracking traffic to a website
B. The signatures left on visited sites
C. Proof of identity of website visitors
D. Outdated information that has not been properly disposed of
11. As a measure against reconnaissance, organizations use official suggestions that should
be implemented. What is the term used to refer to such suggestions?
A. Standard
B. Code
C. Policy
D. Guideline

3 HPXS301-1-Jan-June2023-TL-W2-StM-V1-28022023