220-1002 Question #45: Real Exam Question with Answer & Explanation

The correct answer is A: Social engineering. The scenario describes email spoofing: an attacker forged the executive's email address in the 'From' field to send messages to third parties. When those messages bounced back (e.g., invalid recipients), the bounce notifications were returned to the spoofed sender address-the exe

Question

A company executive reports receiving numerous bounce-back messages to an inbox. When a technician investigates, it appears the executive did not send any of the messages that triggered the bounce-back replies. Which of the following is MOST likely to have occurred'

Options

ASocial engineering
BMan-in-the-mid die attack
CSpear pNshing
DEmail hijacking
ELogic bomb

Explanation

The scenario describes email spoofing: an attacker forged the executive's email address in the 'From' field to send messages to third parties. When those messages bounced back (e.g., invalid recipients), the bounce notifications were returned to the spoofed sender address-the executive's inbox. Spoofing someone's identity to deceive others is a social engineering technique (A). This is distinct from email hijacking (D), which requires the attacker to have actually gained access to the executive's account; here, no such access is indicated-the executive's account was impersonated, not compromised. Man-in-the-middle (B) intercepts live communications. Spear phishing (C) targets the executive, not the reverse.

Community Discussion

No community discussion yet for this question.

Full 220-1002 Practice