nerdexam
EC-Council

312-50V10 · Question #96

Within the context of Computer Security, which of the following statements describes Social Engineering best?

The correct answer is C. Social Engineering is the act of getting needed information from a person rather than breaking into. Social engineering is the practice of manipulating people into revealing confidential information or granting access, rather than exploiting technical vulnerabilities.

Social Engineering

Question

Within the context of Computer Security, which of the following statements describes Social Engineering best?

Options

  • ASocial Engineering is the act of publicly disclosing information
  • BSocial Engineering is the means put in place by human resource to perform time accounting
  • CSocial Engineering is the act of getting needed information from a person rather than breaking into
  • DSocial Engineering is a training program within sociology studies

How the community answered

(32 responses)
  • B
    6% (2)
  • C
    91% (29)
  • D
    3% (1)

Why each option

Social engineering is the practice of manipulating people into revealing confidential information or granting access, rather than exploiting technical vulnerabilities.

ASocial Engineering is the act of publicly disclosing information

Publicly disclosing information describes data leakage or whistleblowing, not the manipulative deception that characterizes social engineering.

BSocial Engineering is the means put in place by human resource to perform time accounting

Time accounting by human resources is an administrative HR function entirely unrelated to cybersecurity or social engineering.

CSocial Engineering is the act of getting needed information from a person rather than breaking intoCorrect

Social engineering is a non-technical attack that relies on human psychology and deception to obtain sensitive information, credentials, or unauthorized access from individuals. It targets the human element rather than software or hardware vulnerabilities, making it distinct from exploits and malware. This is why user awareness training is considered a primary countermeasure against social engineering.

DSocial Engineering is a training program within sociology studies

Social engineering is a cybersecurity attack vector, not an academic field within sociology studies.

Concept tested: Definition and nature of social engineering attacks

Source: https://csrc.nist.gov/glossary/term/social_engineering

Topics

#social engineering#human manipulation#information gathering#security awareness

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice