312-50V10 · Question #507
Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?
The correct answer is A. Social Engineering. Social engineering is a penetration testing technique that exploits human psychology to manipulate individuals into divulging information or bypassing security controls.
Question
Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?
Options
- ASocial Engineering
- BPiggybacking
- CTailgating
- DEavesdropping
How the community answered
(29 responses)- A93% (27)
- C3% (1)
- D3% (1)
Why each option
Social engineering is a penetration testing technique that exploits human psychology to manipulate individuals into divulging information or bypassing security controls.
Social engineering is explicitly defined as an attack vector that relies heavily on human interaction, using deception, manipulation, and psychological tactics to trick people into violating security procedures such as revealing credentials or granting unauthorized access. It is a formal penetration testing discipline targeting the human element rather than technical vulnerabilities.
Piggybacking is a physical security attack where an unauthorized person gains access to a restricted area with the knowledge and consent of an authorized person, making it a specific physical tactic rather than a broad methodology.
Tailgating is a physical intrusion technique where an unauthorized person follows an authorized person through a secured entry point without their awareness, and is a subset of physical security attacks.
Eavesdropping is a passive attack involving the interception of network or conversational communications and does not involve tricking people into breaking security procedures.
Concept tested: Social engineering as a human-focused penetration testing method
Source: https://owasp.org/www-community/attacks/Social_Engineering
Topics
Community Discussion
No community discussion yet for this question.