nerdexam
EC-Council

312-50V10 · Question #507

Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

The correct answer is A. Social Engineering. Social engineering is a penetration testing technique that exploits human psychology to manipulate individuals into divulging information or bypassing security controls.

Social Engineering

Question

Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

Options

  • ASocial Engineering
  • BPiggybacking
  • CTailgating
  • DEavesdropping

How the community answered

(29 responses)
  • A
    93% (27)
  • C
    3% (1)
  • D
    3% (1)

Why each option

Social engineering is a penetration testing technique that exploits human psychology to manipulate individuals into divulging information or bypassing security controls.

ASocial EngineeringCorrect

Social engineering is explicitly defined as an attack vector that relies heavily on human interaction, using deception, manipulation, and psychological tactics to trick people into violating security procedures such as revealing credentials or granting unauthorized access. It is a formal penetration testing discipline targeting the human element rather than technical vulnerabilities.

BPiggybacking

Piggybacking is a physical security attack where an unauthorized person gains access to a restricted area with the knowledge and consent of an authorized person, making it a specific physical tactic rather than a broad methodology.

CTailgating

Tailgating is a physical intrusion technique where an unauthorized person follows an authorized person through a secured entry point without their awareness, and is a subset of physical security attacks.

DEavesdropping

Eavesdropping is a passive attack involving the interception of network or conversational communications and does not involve tricking people into breaking security procedures.

Concept tested: Social engineering as a human-focused penetration testing method

Source: https://owasp.org/www-community/attacks/Social_Engineering

Topics

#social engineering#human interaction#penetration testing#security awareness

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice