Explore topic-wise InterviewSolutions in .

Correct option is (a) True

To explain I WOULD say: Footprinting is USED to COLLECT information such as namespace, employee info, phone number and emails, JOB details, IP ADDRESS domain name, geo-location, browsing history etc.

Right OPTION is (B) YouTube

Easiest explanation: Information can be AVAILABLE FREE from some sites and DATABASES residing on the internet. These services and sites are – Whois, Nslookup, Archive Sites, open-source software sites etc.

Correct ANSWER is (d) Document files

Explanation: Internet is a common medium for gathering information such as from Domain name, IP address of the target USER, ENUMERATION of victim’s system, IDSes running, TCP & UDP SERVICES etc.

Right option is (c) Footprinting

Best explanation: Footprinting is a COMPONENT of the reconnaissance stage which is necessary to methodically & SYSTEMATICALLY ensure all pieces of information related to the TARGET. It can be either active or PASSIVE footprinting.

Right option is (c) Footprinting

Easy explanation: Footprinting is a component of the reconnaissance stage that is used to gather POSSIBLE information for a target COMPUTER SYSTEM or network. It can be either active or passive footprinting.

The CORRECT option is (b) attacker

Explanation: An attacker SPENDS 85% of his/her TIME in profiling an ORGANIZATION and rest amount in launching the attack. Footprinting results in a unique organization profile with respect to the networks.

Correct answer is (c) Footprinting

Explanation: Footprinting is a component of the reconnaissance stage that is used to GATHER POSSIBLE information for a TARGET computer system or NETWORK. It can be either ACTIVE or passive footprinting.

Correct option is (d) 2

For explanation I would say: Footprinting is a component of the reconnaissance stage that is used to gather possible information for a target COMPUTER system or network. It can be of 2 TYPES: ACTIVE or passive footprinting.

The CORRECT option is (a) True

Explanation: Mapping of data-flow in an organization from DIFFERENT systems (to RECORD the downstream and upstream SOURCES) is very useful in understanding the risk better DUE to actual & potential data leakage.

The correct OPTION is (a) DATA loss PREVENTION

Explanation: Data loss prevention focuses on the detection & prevention of sensitive data exfiltration and lost data. It also DEALS with lost & stolen thumb drive or data blocked by ransomware ATTACKS.

Right answer is (a) True

To explain I would say: Data leakage prevention is based on factors LIKE access controls, persistent, ENCRYPTION, alerting, tokenization, blocking dynamic data MASKING, ETC. Like data loss prevention, data leakage also needs concern and care for data safety.

Correct choice is (b) Manage

The best I can explain: The three steps of data loss prevention are – Identify, Discover and CLASSIFY. First, you have to identify the SYSTEMS of records. Then you’ve to classify what comprises of sensitive data on those systems & discover the data ELEMENTS which are sensitive depending on those classifications.

Right option is (a) DATA exfiltration

The EXPLANATION: Data exfiltration is the unauthorized movement of data. It comprises data exportation, data EXTRUSION, data LEAKAGE, and data theft and all of them come under data HACKING.

Correct answer is (a) CLASSIFY

The best explanation: The three STEPS of data loss prevention are – Identify, Discover and Classify. FIRST, you have to identify the systems of records. Then you’ve to classify what COMPRISES of sensitive data on those systems & discover the data elements which are sensitive depending on those classifications.

The CORRECT choice is (a) Dumpster diving

For EXPLANATION: Physical data leakage can be done intentionally by criminal-minded people who can fetch data from dumpster diving, SHOULDER surfing, data mentioned in printed PAPERS or TAKEN out of photocopiers.

Right option is (d) Dumpster diving

Easiest explanation: MANY organizations provide employees right to use the internet, emails as well as instant messaging as part of their role. But these are PRIOR targets of hackers for data LEAKING using techniques such as PHISHING, spoofing and attacking TARGET victim using malware.

The correct option is (d) phishing

Easy explanation: Physical data leakage can be done intentionally by criminal-minded PEOPLE who can fetch data from DUMPSTER DIVING, SHOULDER surfing, data MENTIONED in printed papers or taken out of photocopiers.

The correct option is (a) Ill-intentional data LEAKAGE

Explanation: When leakage of data is done PURPOSELY or because of the lack of employee’s concern toward confidential data is CALLED Ill-intentional data leakage done by employees of an organization.

Right option is (a) True

Easiest explanation: “Unintentional” data leakage doesn’t essentially MEAN INTENDED or malicious. It has been found that the majority of data leakage incidents are ACCIDENTAL but it can still RESULT in the same PENALTIES and reputational damage.

Correct OPTION is (a) True

The explanation: “Unauthorized” data leakage doesn’t essentially MEAN intended or malicious. It has been found that the majority of data leakage incidents are ACCIDENTAL but the loss OCCURRED are severe.

Correct answer is (d) Television

The explanation: Data LEAKAGE threats are COMMON from web and emails, mobile data storage DEVICES such as INTERNAL or external storage and memory cards, from USB drives and LAPTOPS.

Correct CHOICE is (c) low and SLOW data theft

The explanation is: Data leakage is also KNOWN as ‘low and slow data theft’, which is a massive issue for data security & the damage CAUSED to any firm is enormous. Every day there is at least one report of data theft that occurs worldwide.

Correct option is (B) Data leakage

For EXPLANATION: Data leakage is the illicit transmission of data from INSIDE an organization or personal system to an external location or recipient. The phrase is used for describing data that is TRANSFERRED ELECTRONICALLY or even physically.