312-50v12 Questions Bank

The honey trap is a technique where an attacker targets a person online by pretending to be an attractive person and then begins a fake online relationship to obtain confidential information about the target company. In this technique, the victim is an insider who possesses critical information about the target organization.

Baiting is a technique in which attackers offer end users something alluring in exchange for

important information such as login details and other sensitive data. This technique relies on

the curiosity and greed of the end-users. Attackers perform this technique by leaving a physical

device such as a USB flash drive containing malicious files in locations where people can easily

find them, such as parking lots, elevators, and bathrooms. This physical device is labeled with a

legitimate company's logo, thereby tricking end-users into trusting it and opening it on their

systems. Once the victim connects and opens the device, a malicious file downloads. It infects

the system and allows the attacker to take control.

For example, an attacker leaves some bait in the form of a USB drive in the elevator with the

label "Employee Salary Information 2019" and a legitimate company's logo. Out of curiosity and

greed, the victim picks up the device and opens it up on their system, which downloads the

bait. Once the bait is downloaded, a piece of malicious software installs on the victim's system,

giving the attacker access.

Infoga may be a tool gathering email accounts informations (ip,hostname,country,…) from completely different public supply (search engines, pgp key servers and shodan) and check if email was leaked using haveibeenpwned.com API. is a really simple tool, however very effective for the first stages of a penetration test or just to know the visibility of your company within the net.